Finastra/ssr-pages

Finastra/ssr-pages

Unavailable

This project is no longer available (or publicly accessible) from GitHub

Releases0

Builder of html pages for the purpose of SSR (Server-side rendering)

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-24717 ↗	Mar 1, 2022Tuesday, 1 March 2022, 19:15	6.1 MEDIUM	4.3 MEDIUM
ssr-pages is an HTML page builder for the purpose of server-side rendering (SSR). In versions prior to 0.1.5, a cross site scripting (XSS) issue can occur when providing untrusted input to the `redirect.link` property as an argument to the `build(MessagePageOptions)` function. While there is no known workaround at this time, there is a patch in version 0.1.5.
CVE-2022-24718 ↗	Mar 1, 2022Tuesday, 1 March 2022, 19:15	7.6 HIGH	4 MEDIUM
ssr-pages is an HTML page builder for the purpose of server-side rendering (SSR). In versions prior to 0.1.4, a path traversal issue can occur when providing untrusted input to the `svg` property as an argument to the `build(MessagePageOptions)` function. While there is no known workaround at this time, there is a patch in version 0.1.4.