Lucene search
Veracode Vulnerability DatabaseVERACODE:21989HistoryNov 20, 2019 - 3:17 a.m.
Arbitrary Code Execution
2019-11-2003:17:20
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
21
EPSS
0.007
Percentile
80.3%
handlebars is vulnerable to arbitrary code execution. The lookup helper does not properly validate templates, allowing the execution of JavaScript code in templates. This vulnerability exists due to an incomplete fix for https://www.sourceclear.com/vulnerability-database/security/arbitrary-code-execution/javascript/sid-21954/summary.
Related
osv
osv
CVE-2019-20920
2020-09-30 18:15:17
Arbitrary Code Execution in Handlebars
2022-02-10 20:38:19
debiancve
debiancve
CVE-2019-20920
2020-09-30 18:15:17
nvd
nvd
CVE-2019-20920
2020-09-30 18:15:17
redhatcve
redhatcve
CVE-2019-20920
2020-09-30 16:18:42
cve
cve
CVE-2019-20920
2020-09-30 18:15:17
prion
prion
Cross site scripting
2020-09-30 18:15:00
ubuntucve
ubuntucve
CVE-2019-20920
2020-09-30 00:00:00
cvelist
cvelist
CVE-2019-20920
2020-09-30 12:30:56
github
github
Arbitrary Code Execution in Handlebars
2022-02-10 20:38:19
redhat
redhat
nessus
nessus
RHEL 8 : Red Hat Virtualization (RHSA-2020:5179)
2020-11-24 00:00:00
ibm
ibm