nodejs-handlebars: cross-site scripting
| Package(s): | nodejs-handlebars | CVE #(s): | |||||||||
| Created: | December 29, 2015 | Updated: | January 6, 2016 | ||||||||
| Description: | From the Red Hat bugzilla:
The handlebars node module is missing some characters in its escaping mechanisms, allowing for possible XSS. This flaw also affects other modules, notably mustache, that implement the same logic. | ||||||||||
| Alerts: |
| ||||||||||