2 matches found
liquidjs 信息泄露漏洞
liquidjs is a simple, expressive, secure and Shopify-compatible pure JavaScript template engine by Jun Yang. A security vulnerability exists in liquidjs versions prior to 10.0.0, which stems from the vulnerability to information exposure when the ownPropertyOnly parameter is set to False, leading...
Information Exposure
Overview liquidjs is an A simple, expressive, safe and Shopify compatible template engine in pure JavaScript. Affected versions of this package are vulnerable to Information Exposure when ownPropertyOnly parameter is set to False, which results in leaking properties of a prototype. Workaround For...