Advisories for Npm/Jsreport package

Code Injection in GitHub repository jsreport/jsreport prior to 3.11.3.

An unintended require and server-side request forgery vulnerabilities in jsreport allow attackers to execute arbitrary code.