UNKNOWN npm
Prototype Pollution in handlebars
GHSA-g9r4-xpmj-mj65
Published ยท Modified
Description
Versions of handlebars prior to 3.0.8 or 4.5.3 are vulnerable to prototype pollution. It is possible to add or modify properties to the Object prototype through a malicious template. This may allow attackers to crash the application or execute Arbitrary Code in specific conditions.
Recommendation
Upgrade to version 3.0.8, 4.5.3 or later.
References
Ready to move
Start Securing
Free, no credit card | First findings in minutes