electron-pdf@20.0.0 vulnerabilities

A command line tool to generate PDF from URL, HTML or Markdown files

Direct Vulnerabilities

Known vulnerabilities in the electron-pdf package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Cross-site Scripting (XSS)

electron-pdf is a command line tool to generate PDF from URL, HTML or Markdown files with electron.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to the application not validating the HTML content entered by the user. An attacker can remotely obtain arbitrary local files by injecting malicious HTML content.

How to fix Cross-site Scripting (XSS)?

There is no fixed version for electron-pdf.

>=20.0.0