Lucene search
MitreCVELIST:CVE-2019-20920HistorySep 30, 2020 - 12:30 p.m.
CVE-2019-20920
2020-09-3012:30:56
mitre
www.cve.org
5
Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrary Code Execution. The lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript. This can be used to run arbitrary code on a server processing Handlebars templates or in a victim’s browser (effectively serving as XSS).
Related
nvd
nvd
CVE-2019-20920
2020-09-30 18:15:17
osv
osv
Arbitrary Code Execution in Handlebars
2022-02-10 20:38:19
CVE-2019-20920
2020-09-30 18:15:17
prion
prion
Cross site scripting
2020-09-30 18:15:00
ubuntucve
ubuntucve
CVE-2019-20920
2020-09-30 00:00:00
github
github
Arbitrary Code Execution in Handlebars
2022-02-10 20:38:19
veracode
veracode
Arbitrary Code Execution
2019-11-20 03:17:20
redhatcve
redhatcve
CVE-2019-20920
2020-09-30 16:18:42
cve
cve
CVE-2019-20920
2020-09-30 18:15:17
debiancve
debiancve
CVE-2019-20920
2020-09-30 18:15:17
nessus
nessus
RHEL 8 : Red Hat Virtualization (RHSA-2020:5179)
2020-11-24 00:00:00
redhat
redhat
ibm
ibm