handlebars.java FileTemplateLoader Path Traversal
Impact Any application that passes user-controlled input to Handlebars.compile using a FileTemplateLoader or ClassPathTemplateLoader is vulnerable to arbitrary file read. This is a realistic attack surface for web applications that use template names from URL path parameters, request parameters, ...