bpampuch/pdfmake is vulnerable to arbitrary code execution. The vulnerability exists in eval()
function of server.js
due to lack of sanitization of the data sent to the server which allows an attacker to inject and execute malicious codes in to the system.
CPE | Name | Operator | Version |
---|---|---|---|
bpampuch/pdfmake | le | 0.3.0-beta.3 | |
bpampuch/pdfmake | le | 0.3.0-beta.3 |