CVE-2015-8861

Опубликовано: 23 янв. 2017

Источник: ubuntu

Приоритет: medium

CVSS2: 4.3

CVSS3: 6.1

Описание

The handlebars package before 4.0.0 for Node.js allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging a template with an attribute that is not quoted.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected	3:4.0.10-5
cosmic	not-affected	3:4.0.10-5
devel	not-affected	3:4.0.10-5
esm-apps/bionic	not-affected	3:4.0.10-5
esm-infra-legacy/trusty	DNE
precise	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2015-8861

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2015-8861

CVSS3: 6.1

nvd

около 9 лет назад

The handlebars package before 4.0.0 for Node.js allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging a template with an attribute that is not quoted.

CVE-2015-8861

CVSS3: 6.1

debian

около 9 лет назад

The handlebars package before 4.0.0 for Node.js allows remote attacker ...

GHSA-9prh-257w-9277

CVSS3: 6.1

github

больше 7 лет назад

Cross-Site Scripting in handlebars

4.3 Medium

CVSS2

6.1 Medium

CVSS3

CVE-2015-8861

Описание

Пакет node-handlebars

Ссылки на источники

Связанные уязвимости