Vulnerabilities > EJS > EJS > 2.1.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-11-17 | CVE-2017-1000228 | Improper Input Validation vulnerability in EJS nodejs ejs versions older than 2.5.3 is vulnerable to remote code execution due to weak input validation in ejs.renderFile() function | 10.0 |
2017-11-17 | CVE-2017-1000189 | Improper Input Validation vulnerability in EJS nodejs ejs version older than 2.5.5 is vulnerable to a denial-of-service due to weak input validation in the ejs.renderFile() | 5.0 |
2017-11-17 | CVE-2017-1000188 | Cross-site Scripting vulnerability in EJS nodejs ejs version older than 2.5.5 is vulnerable to a Cross-site-scripting in the ejs.renderFile() resulting in code injection | 4.3 |