
Improve security documentation around templates #37

Open
UlisesGascon opened this issue Nov 27, 2024 · 0 comments
Comments

@UlisesGascon (Member)

Based on CVE-2021-32822 and GHSL-2021-020 (File disclosure in hbs - CVE-2021-32822), we might want to include recommendations for safe templating in https://expressjs.com/en/advanced/best-practice-security.html.

Passing template engine configuration parameters through the Express render API can lead to vulnerabilities if the object is user controlled. Downstream applications often opt to pass their template data in directly through the remote user-controlled req.query object. This results in a scenario where a remote attacker may be able to subvert the vulnerable application through malicious template engine configuration options.

The security impact is specific to the engine used by the application but ranges from XSS to RCE.
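The pattern the issue describes, beside an allowlisting fix, as an added example that is not code from the issue or from the Express project. The query keys and the `someEngineOption` name are constructed; a real handler would pass `safeLocals(req.query, ...)` to `res.render()` instead of `req.query` itself.

```javascript
// What Express's query parser might hand a handler for (constructed request)
// GET /profile?name=alice&theme=dark&cache=false&someEngineOption=x
// 'cache' is a real res.render option; 'someEngineOption' stands in for any
// engine-specific setting (hypothetical name).
const constructedQuery = {
  name: 'alice',
  theme: 'dark',
  cache: 'false',
  someEngineOption: 'attacker-chosen value',
};

// Fields the 'profile' view actually needs from the request.
const ALLOWED_PROFILE_FIELDS = ['name', 'theme'];

// Vulnerable pattern from the issue: res.render('profile', req.query).
// Every query key, engine options included, reaches the view engine.
function vulnerableLocals(query) {
  return { ...query };
}

// Hardened pattern: build the locals from an explicit allowlist, keeping only
// own string properties (query values may also be arrays or nested objects).
// Returns the dropped keys too, so the handler can log probing attempts.
function safeLocals(query, allowedKeys) {
  const locals = {};
  const dropped = [];
  for (const key of Object.keys(query)) {
    const value = query[key];
    if (allowedKeys.includes(key) && typeof value === 'string') {
      locals[key] = value;
    } else {
      dropped.push(key);
    }
  }
  return { locals, dropped };
}

// Handler using the hardened form. Only req.query and res.render are touched,
// so it can be exercised with stand-ins for the Express objects.
function profileHandler(req, res) {
  const { locals, dropped } = safeLocals(req.query, ALLOWED_PROFILE_FIELDS);
  if (dropped.length > 0) {
    // Unexpected keys are worth a log line: they may indicate probing.
    console.warn(`profile: ignored query keys: ${dropped.join(', ')}`);
  }
  return res.render('profile', locals);
}
```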

@UlisesGascon UlisesGascon added the documentation Improvements or additions to documentation label Nov 27, 2024
@UlisesGascon UlisesGascon self-assigned this Nov 27, 2024