6 matches found
Medium: perl-Template-Toolkit
Issue Overview: emplate::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected. The htmlfilter function did not escape single quotes. HTML attributes inside of single quotes could be have code injected. For example, the variable "var" in would not be properly...
CVE-2026-5090
Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected. The htmlfilter function did not escape single quotes. HTML attributes inside of single quotes could be have code injected. For example, the variable "var" in would not be properly escaped. An attacke...
DEBIAN-CVE-2026-5090
Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected. The htmlfilter function did not escape single quotes. HTML attributes inside of single quotes could be have code injected. For example, the variable "var" in would not be properly escaped. An attacke...
CVE-2026-5090
Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected. The htmlfilter function did not escape single quotes. HTML attributes inside of single quotes could be have code injected. For example, the variable "var" in would not be properly escaped. An attacke...
CVE-2026-5090
creationtimestamp| type| source ---|---|--- 2026-05-19 22:08:30+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mmafpoatgc22 2026-05-19 22:41:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmahk7a4xu2p...
CVE-2026-5090
Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected. The htmlfilter function did not escape single quotes. HTML attributes inside of single quotes could be have code injected. For example, the variable "var" in would not be properly escaped. An attacke...