CVE-2021-23369

Description

The package handlebars before 4.7.7 are vulnerable to Remote Code Execution (RCE) when selecting certain compiling options to compile templates coming from an untrusted source.

POC

Reference

https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1074950
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1074951
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1074952
https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1056767

Github

No PoCs found on GitHub currently.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2021-23369.md

CVE-2021-23369.md

CVE-2021-23369

Description

POC

Reference

Github

Files

CVE-2021-23369.md

Latest commit

History

CVE-2021-23369.md

File metadata and controls

CVE-2021-23369

Description

POC

Reference

Github