Описание
[quoteless attributes in templates can lead to content injection]
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| mustache.js | unfixed | package |
Примечания
fixed in 2.2.1
https://github.com/janl/mustache.js/commit/378bcca8a5cfe4058f294a3dbb78e8755e8e0da5
https://nodesecurity.io/advisories/62
Security hardening, not a vulnerability