exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2019-20920

больше 5 лет назад

Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrary Code Execution. The lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript. This can be used to run arbitrary code on a server processing Handlebars templates or in a victim's browser (effectively serving as XSS).

CVSS3: 8.1

EPSS: Низкий

CVE-2019-20920

больше 6 лет назад

Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrary Code Execution. The lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript. This can be used to run arbitrary code on a server processing Handlebars templates or in a victim's browser (effectively serving as XSS).

CVSS3: 8.1

EPSS: Низкий

CVE-2019-20920

больше 5 лет назад

Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrary Code Execution. The lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript. This can be used to run arbitrary code on a server processing Handlebars templates or in a victim's browser (effectively serving as XSS).

CVSS3: 8.1

EPSS: Низкий

CVE-2019-20920

больше 5 лет назад

Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrar ...

CVSS3: 8.1

EPSS: Низкий

GHSA-3cqr-58rm-57f8

почти 4 года назад

Arbitrary Code Execution in Handlebars

CVSS3: 8.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2019-20920 Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrary Code Execution. The lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript. This can be used to run arbitrary code on a server processing Handlebars templates or in a victim's browser (effectively serving as XSS).	CVSS3: 8.1	0% Низкий	больше 5 лет назад
CVE-2019-20920 Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrary Code Execution. The lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript. This can be used to run arbitrary code on a server processing Handlebars templates or in a victim's browser (effectively serving as XSS).	CVSS3: 8.1	0% Низкий	больше 6 лет назад
CVE-2019-20920 Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrary Code Execution. The lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript. This can be used to run arbitrary code on a server processing Handlebars templates or in a victim's browser (effectively serving as XSS).	CVSS3: 8.1	0% Низкий	больше 5 лет назад
CVE-2019-20920 Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrar ...	CVSS3: 8.1	0% Низкий	больше 5 лет назад
GHSA-3cqr-58rm-57f8 Arbitrary Code Execution in Handlebars	CVSS3: 8.1	0% Низкий	почти 4 года назад

Уязвимостей на страницу