Critical severityNVD Advisory· Published May 8, 2023· Updated Jan 28, 2025
Code Injection in jsreport/jsreport
CVE-2023-2583
Description
Code Injection in GitHub repository jsreport/jsreport prior to 3.11.3.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
jsreportnpm | < 3.11.3 | 3.11.3 |
Affected products
2- jsreport/jsreport/jsreportv5Range: unspecified
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-g7rj-q722-245gghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-2583ghsaADVISORY
- github.com/jsreport/jsreport/commit/afaff3804b34b38e959f5ae65f9e672088de13d7ghsaWEB
- github.com/jsreport/jsreport/releases/tag/3.11.3ghsaWEB
- huntr.dev/bounties/397ea68d-1e28-44ff-b830-c8883d067d96ghsaWEB
News mentions
0No linked articles in our index yet.