Lucene search
K

5 matches found

OSV
OSV
added 2021/05/14 7:15 p.m.18 views

CVE-2021-32818

haml-coffee is a JavaScript templating solution. haml-coffee mixes pure template data with engine configuration options through the Express render API. More specifically, haml-coffee supports overriding a series of HTML helper functions through its configuration options. A vulnerable application...

5.4CVSS6.5AI score
Exploits0References2
NVD
NVD
added 2021/05/14 7:15 p.m.27 views

CVE-2021-32818

haml-coffee is a JavaScript templating solution. haml-coffee mixes pure template data with engine configuration options through the Express render API. More specifically, haml-coffee supports overriding a series of HTML helper functions through its configuration options. A vulnerable application...

7.7CVSS0.007EPSS
Exploits1References2
Prion
Prion
added 2021/05/14 7:15 p.m.21 views

Cross site scripting

haml-coffee is a JavaScript templating solution. haml-coffee mixes pure template data with engine configuration options through the Express render API. More specifically, haml-coffee supports overriding a series of HTML helper functions through its configuration options. A vulnerable application...

3.5CVSS5.4AI score0.007EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/05/14 6:20 p.m.37 views

CVE-2021-32818 Remote code execution and Reflected cross site scripting in haml-coffee

haml-coffee is a JavaScript templating solution. haml-coffee mixes pure template data with engine configuration options through the Express render API. More specifically, haml-coffee supports overriding a series of HTML helper functions through its configuration options. A vulnerable application...

7.7CVSS7.7AI score0.007EPSS
Exploits1References2
CVE
CVE
added 2021/05/14 6:20 p.m.64 views

CVE-2021-32818

Affected software: haml-coffee (JavaScript templating solution). Vulnerability summary: A vulnerable application that passes user-controlled request objects to the haml-coffee template engine may suffer remote code execution. Additionally, config pollution can expose the escapeHtml control, preve...

7.7CVSS5.7AI score0.007EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder