Overview wkhtmltopdf is a widely used open source pdf and image rendering utility. When used improperly, this utility can introduce high risk security vulnerbilities. Because wkhtmltopdf renders HTML content on the server-side, it is a high risk target for both Server-side Request Forgery (SSRF) and Local File Inclusion (LFI) vulnerabilities. If a malicious user can … Continue reading wkhtmltopdf File Inclusion Vulnerability