CVE-2023-29827
First published: Thu May 04 2023(Updated: )
** DISPUTED ** ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration settings of the closeDelimiter parameter. NOTE: this is disputed by the vendor because the render function is not intended to be used with untrusted input.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| EJS | =3.1.9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2023-29827.
What is the severity of CVE-2023-29827?
The severity of CVE-2023-29827 is critical.
How does the vulnerability in ejs v3.1.9 manifest?
The vulnerability in ejs v3.1.9 allows for server-side template injection if the ejs file is controllable.
How can template injection be implemented in ejs v3.1.9?
Template injection can be implemented through the configuration settings of the closeDelimiter parameter.
Is there a fix available for this vulnerability?
Yes, the vendor has provided a fix for this vulnerability in later versions of ejs.
- collector/nvd-latest
- agent/references
- agent/type
- agent/author
- agent/remedy
- agent/severity
- agent/weakness
- agent/status
- agent/description
- agent/first-publish-date
- agent/source
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/event
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- status/disputed
- vendor/ejs
- canonical/ejs
- version/ejs/3.1.9