Advisories for Npm/Highcharts-Export-Server package

2021

Vulnerability allowing for reading internal HTTP resources

Impact The vulnerability allows for reading and outputting files served by other services on the internal network in which the export server is hosted. If the export server is exposed to the internet, this potentially allows a malicious user to gain read access to internal web-resources. The impact is limited to internal services that serve content via. HTTP(S), and requires the attacker to know internal hostnames/IP addresses. The previous versions …