Packagist (Composer) package
spipu/html2pdf
pkg:composer/spipu/html2pdf
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-39062 | — | < 5.2.8 | 5.2.8 | Aug 28, 2023 | Cross Site Scripting vulnerability in Spipu HTML2PDF before v.5.2.8 allows a remote attacker to execute arbitrary code via a crafted script to the forms.php. | ||
| CVE-2021-45394 | — | < 5.2.4 | 5.2.4 | Jan 18, 2022 | An issue was discovered in Spipu HTML2PDF before 5.2.4. Attackers can trigger deserialization of arbitrary data via the injection of a malicious tag in the converted HTML document. |
- CVE-2023-39062Aug 28, 2023affected < 5.2.8fixed 5.2.8
Cross Site Scripting vulnerability in Spipu HTML2PDF before v.5.2.8 allows a remote attacker to execute arbitrary code via a crafted script to the forms.php.
- CVE-2021-45394Jan 18, 2022affected < 5.2.4fixed 5.2.4
An issue was discovered in Spipu HTML2PDF before 5.2.4. Attackers can trigger deserialization of arbitrary data via the injection of a malicious tag in the converted HTML document.