mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
858 B
858 B
CVE-2021-23369
&color=brighgreen)
Description
The package handlebars before 4.7.7 are vulnerable to Remote Code Execution (RCE) when selecting certain compiling options to compile templates coming from an untrusted source.
POC
Reference
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074950
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074951
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074952
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1056767
Github
No PoCs found on GitHub currently.