Malicious code in get-lodash-template-vars (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7916d6bceee662db12088e55ab01e3ad32487d802c99bf7dc60e63c156d5bf0e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2016-10547

Nunjucks is a full featured templating engine for JavaScript. Versions 2.4.2 and lower have a cross site scripting XSS vulnerability in autoescape mode. In autoescape mode, all template vars should automatically be escaped. By using an array for the keys, such as name=alert1, it is possible to...