PDF Generator

PDF HTML Injection

The invoice PDF generator renders user input as HTML before printing, so attackers can inject `<iframe src=file://...>` and SSRF payloads.

CWE-79, CWE-918
PDF probe


Expected Findings

  • `customer_note` is interpolated directly into the HTML template that drives the PDF engine.
  • `<iframe src=file://>` is honored by the headless renderer.
  • SSRF via `<img src=http://internal>` lands in the rendered output.

Signals

Template
<h1>Invoice</h1><p>Note: ${customerNote}</p>  // raw: customerNote is interpolated without HTML escaping