EPSS
Percentile
46.0%
dot is vulnerable to arbitrary code injection. The template function does not sanitize input set on Object.prototype, allowing an attacker who is able to compile templates to inject and execute arbitrary cdoe.
Object.prototype
hackerone.com/reports/390929