Prototype Pollution in templ8

All versions of package templ8 up to and including 0.0.44 are vulnerable to Prototype Pollution via the parse function...

GHSA-C7M7-4257-H698 Prototype Pollution in templ8

All versions of package templ8 up to and including 0.0.44 are vulnerable to Prototype Pollution via the parse function...

Prototype Pollution

Templ8 is vulnerable to prototype pollution. A lack of validation when parsing query strings via the parse function allows an attacker to inject arbitrary objects and execute arbitrary code...

CVE-2020-7702

All versions of package templ8 are vulnerable to Prototype Pollution via the parse function...

CVE-2020-7702 Prototype Pollution

All versions of package templ8 are vulnerable to Prototype Pollution via the parse function...

CVE-2020-7702

CVE-2020-7702 affects theTempl8 JavaScript package (templ8) via the parse function, enabling prototype pollution. Public sources confirm that all versions up to 0.0.44 are vulnerable; a fix exists in 0.0.45 and later (per PT-2020-19725). The exploitation path involves unsafe recursive merges or p...

Prototype Pollution

Overview Templ8 is a JavaScript Client/ Server Template Engine Affected versions of this package are vulnerable to Prototype Pollution via the parse function. POC const Templ8 = require'Templ8'; var tpl = new Templ8 'proto.polluted=true' ; tpl.parse; console.logpolluted //true Details Prototype...

PT-2020-19725 · Npm · Templ8

Name of the Vulnerable Software and Affected Versions: templ8 versions prior to 0.0.45 Description: The issue concerns Prototype Pollution via the parse function. This affects all versions of the templ8 package up to and including 0.0.44. Recommendations: For versions prior to 0.0.45, update to...