logo

Database

Reflected cross-site scripting (XSS) In handlebars-source

Description

XSS vulnerability due to improper value escaping

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. GCVE-OSVDB-131671

References

1. https://github.com/wycats/handlebars.js/commit/83b8e846a3569bd366cf0b6bdc1e4604d1a2077e2. https://github.com/wycats/handlebars.js/issues/1114

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.