bracket-template is vulnerable to cross-site scripting (XSS) attacks. The library does not sanitize user input before rendering it, allowing a malicious user to inject and execute arbitrary Javascript.
CPE | Name | Operator | Version |
---|---|---|---|
bracket-template | le | 1.1.5 | |
bracket-template | le | 1.1.5 |