GMS-2014-10: XSS vulnerability due to improper value escaping

July 2, 2014

The library does not properly escape attribute values making XSS exploits possible.

References

github.com/janl/mustache.js/commit/378bcca8a5cfe4058f294a3dbb78e8755e8e0da5
github.com/janl/mustache.js/pull/388

Code Behaviors & Features

Detect and mitigate GMS-2014-10 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →