OSVDB-131671: XSS vulnerability due to improper value escaping

October 4, 2015

The library does not properly escape attribute values making XSS exploits possible.

References

github.com/wycats/handlebars.js/commit/83b8e846a3569bd366cf0b6bdc1e4604d1a2077e
github.com/wycats/handlebars.js/issues/1114

Detect and mitigate OSVDB-131671 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →