I wrote a solution in 2010 that used headless Firefox with some plugins to generate a PDF and then had the graphic designer write print CSSes. It was driven by Perl and was a convenient way for non-programmers to design forms.
Unfortunately, that server and software stack is still around and still in production.
> Unfortunately, that server and software stack is still around and still in production.
that means you did a good job.
2010-era Firefox is probably plagued by security holes.
If your print-file generation code tries to exploit the headless browser you use to turn its outputs into PDF something has gone very wrong already.
My biggest concern would be the Perl libraries I used to sanitise the input. I checked and none of them have any CVEs, though.