3 matches found
CVE-2026-55760 handlebars.java FileTemplateLoader Path Traversal
Handlebars.java provides logic-less and semantic Mustache templates with Java. Prior to 4.5.2, applications that pass user-controlled input to Handlebars.compile using FileTemplateLoader or ClassPathTemplateLoader are vulnerable to path traversal, allowing arbitrary file read through template nam...
CVE-2026-55760
Handlebars.java (Java) CVE-2026-55760 affects the library when user-controlled input is passed to Handlebars.compile() using FileTemplateLoader or ClassPathTemplateLoader. Prior to version 4.5.2, this allows path traversal and arbitrary file reads via template names derived from URL path paramete...
PT-2026-50605
Name of the Vulnerable Software and Affected Versions handlebars versions prior to 4.5.2 Description Applications that pass user-controlled input to the Handlebars.compile function using a FileTemplateLoader or ClassPathTemplateLoader are susceptible to arbitrary file read. This occurs when web...