8 matches found
3dsub (>=0.1.1 <=0.1.5), @aigan/polymer-css-compiler (=1.0.3) +852 more potentially affected by CVE-2015-8862 via mustache (>=0.3.1-dev <=2.2.0)
mustache NPM version =0.3.1-dev, =0.1.1, =1.0.1, =2.1.4, =1.2.7, =0.1.0, =0.1.0, =0.5.1, =1.0.0, =0.0.0, =0.0.1 and more Source cves: CVE-2015-8862 Source advisory: OSV:GHSA-W3W8-37JV-2C58...
Tenable Log Correlation Engine (LCE) < 4.8.1 Multiple Vulnerabilities
The version of Tenable Log Correlation Engine LCE installed on the remote host is prior to 4.8.1. It is, therefore, affected by the following vulnerabilities : - Multiple cross-site scripting XSS vulnerabilities exist in the Handlebars library in the lib/handlebars/utils.js script due to a failur...
CVE-2015-8862
mustache package before 2.2.1 for Node.js allows remote attackers to conduct cross-site scripting XSS attacks by leveraging a template with an attribute that is not quoted...
UBUNTU-CVE-2015-8862
mustache package before 2.2.1 for Node.js allows remote attackers to conduct cross-site scripting XSS attacks by leveraging a template with an attribute that is not quoted...
CVE-2015-8862
mustache package before 2.2.1 for Node.js allows remote attackers to conduct cross-site scripting XSS attacks by leveraging a template with an attribute that is not quoted...
CVE-2015-8862
mustache package before 2.2.1 for Node.js allows remote attackers to conduct cross-site scripting XSS attacks by leveraging a template with an attribute that is not quoted...
CVE-2015-8862
mustache package before 2.2.1 for Node.js allows remote attackers to conduct cross-site scripting XSS attacks by leveraging a template with an attribute that is not quoted...
CVE-2015-8862
The CVE-2015-8862 entry concerns the mustache package for Node.js. Affected software is mustache prior to version 2.2.1; the root cause is an XSS flaw introduced by an attribute in a mustache template that is not quoted. Impact is remote XSS where an attacker can leverage unquoted attributes to e...