EJS has a critical vulnerability

Question

EJS has a critical vulnerability

andrewdavidcostello opened this issue 2 years ago · 1 comments

andrewdavidcostello commented 2 years ago

ejs  <3.1.7
Severity: critical
Template injection in ejs - https://github.com/advisories/GHSA-phwq-j96m-2c2q
fix available via `npm audit fix`
node_modules/ejs

Running npm audit fix will solve this for now but might be good to update?

Answer 1 · 2022-07-13T12:11:03.000Z

Updated: https://github.com/trapcodeio/vite-plugin-ejs/releases/tag/v1.5.0