PT-2023-22433 · Ejs+1

Published: 2023-05-04 · Updated: 2026-05-27 · CVE-2023-29827

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: ejs version 3.1.9

Description: The issue is a server-side template injection. If the ejs template file is attacker-controllable, template injection can be achieved through the closeDelimiter configuration setting. Note that the vendor disputes this, stating that the render function is not intended to be used with untrusted input.

Recommendations: For ejs version 3.1.9, as a temporary workaround, restrict the use of the closeDelimiter setting in render configuration to minimize the risk of template injection. At the moment there is no information about a newer version that contains a fix for this vulnerability.
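The workaround above amounts to never letting request-controlled configuration reach the template engine's parser settings, and never taking template text from the caller. The following is an added example of such a gatekeeper in front of ejs.render(); it is not code from this advisory or from the ejs project. It assumes that `delimiter`, `openDelimiter` and `closeDelimiter` are the ejs 3.x options that change how tags are recognised (the advisory names only closeDelimiter; the other two are included here as an assumption about sibling options), that the allow-listed option names are ones this hypothetical application chooses to expose, and that the template registry and sample requests are constructed for the example. The ejs call itself is shown only in a comment so the block runs without the package installed.

```javascript
// Added example (not from the advisory or the ejs project): a gatekeeper that
// filters render options from untrusted input and resolves templates only
// from a developer-owned registry, so caller-supplied configuration cannot
// redefine template delimiters or supply template source.

// Options an untrusted caller (request body, tenant config) may set.
// Assumption: this allow-list is the application's own choice.
const ALLOWED_RENDER_OPTIONS = new Set(['rmWhitespace', 'cache']);

// Options that change how the template is parsed. Never accept these from
// untrusted input: a changed delimiter turns ordinary-looking text into
// executable template code. (Assumption: these are the ejs 3.x parser options.)
const PARSER_OPTIONS = new Set(['delimiter', 'openDelimiter', 'closeDelimiter']);

// Constructed registry: template text is looked up by name and never taken
// from the caller.
const TEMPLATE_REGISTRY = {
  greeting: 'Hello, <%= name %>!',
};

class UnsafeRenderOptionError extends Error {}

// Returns a copy of `requested` containing only allow-listed keys; throws if
// a parser option is present so the rejection is visible in logs, not silent.
function filterRenderOptions(requested) {
  const safe = {};
  for (const [key, value] of Object.entries(requested || {})) {
    if (PARSER_OPTIONS.has(key)) {
      throw new UnsafeRenderOptionError(
        `render option "${key}" may not be set from untrusted input`);
    }
    if (ALLOWED_RENDER_OPTIONS.has(key)) {
      safe[key] = value;
    }
    // Any other key is dropped rather than forwarded to the engine.
  }
  return safe;
}

// Resolves a template by name; an unknown name is an error rather than a
// fallback to caller-supplied text.
function resolveTemplate(name) {
  if (!Object.prototype.hasOwnProperty.call(TEMPLATE_REGISTRY, name)) {
    throw new UnsafeRenderOptionError(`unknown template "${name}"`);
  }
  return TEMPLATE_REGISTRY[name];
}

// Builds the arguments that would be handed to ejs.render(). In a real
// application the call would be:
//   const ejs = require('ejs');
//   const { template, data, options } = prepareRender(name, data, requested);
//   ejs.render(template, data, options);
function prepareRender(templateName, data, requestedOptions) {
  return {
    template: resolveTemplate(templateName),
    data,
    options: filterRenderOptions(requestedOptions),
  };
}

// Constructed sample requests: one benign, one attempting a delimiter override.
const okRequest = { template: 'greeting', options: { rmWhitespace: true, debug: true } };
const badRequest = { template: 'greeting', options: { closeDelimiter: '%%' } };

// Returns a short verdict string so the outcome can be checked or logged.
function tryPrepare(req) {
  try {
    prepareRender(req.template, { name: 'Ada' }, req.options);
    return 'accepted';
  } catch (e) {
    return e instanceof UnsafeRenderOptionError ? `rejected: ${e.message}` : 'error';
  }
}

console.log(tryPrepare(okRequest));  // accepted
console.log(tryPrepare(badRequest)); // rejected: render option "closeDelimiter" may not be set from untrusted input
```

The allow-list, rather than a deny-list of known-bad keys, is the point: a new engine option added in a later release is dropped by default instead of being forwarded, and the explicit throw on parser options gives a detection hook for attempts to override delimiters.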

Exploit

Special Elements Injection

Weakness Enumeration

Related Identifiers

CVE-2023-29827

Affected Products

Debian
Ejs