EPSS
Percentile
61.6%
mustache is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists due to the improper sanitization of the variables used in templates, allowing arbitrary HTML code, including JavaScript (JS) code, to be executed when rendered.
github.com/janl/mustache.js/commit/378bcca8a5cfe4058f294a3dbb78e8755e8e0da5
nodesecurity.io/advisories/62