express-hbs 代码注入漏洞

handlebars is a semantic Web template system. An information disclosure vulnerability exists in express-hbs that stems from mixing pure template data with engine configuration options via the Express rendering API. Layout parameters may trigger a file disclosure vulnerability in downstream...