GMS-2015-33: XSS vulnerability due to improper value escaping

October 4, 2015

The library does not properly escape attribute values making XSS exploits possible.

References

github.com/wycats/handlebars.js/commit/83b8e846a3569bd366cf0b6bdc1e4604d1a2077e
github.com/wycats/handlebars.js/issues/1114

Code Behaviors & Features

Detect and mitigate GMS-2015-33 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →