PT-2026-31066 · Unknown+1 · Javascript Template Literals+1

Publicado

2026-04-07

·

Atualizado

2026-05-21

·

CVE-2026-32289

CVSS v3.1

9.8

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions versões anteriores a 2.3
Description O rastreamento inadequado do contexto entre os ramos do modelo dentro de literais de modelo JavaScript pode levar à fuga incorreta do conteúdo quando os ramos são usados. Além disso, as ações do modelo dentro desses literais não rastrearam com precisão a profundidade do colchete, resultando em escape incorreto. Essas questões podem fazer com que as ações dentro de literais de modelo JavaScript sejam escapadas incorretamente, levando potencialmente a vulnerabilidades de scripting entre sites (XSS).
Recommendations Atualize para a versão 2.3 ou posterior.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

BDU:2026-07253
BIT-GOLANG-2026-32289
CLEANSTART-2026-AC01087
CLEANSTART-2026-AH29678
CLEANSTART-2026-AN32474
CLEANSTART-2026-AP92343
CLEANSTART-2026-AP95632
CLEANSTART-2026-AQ65185
CLEANSTART-2026-AY53560
CLEANSTART-2026-AY89602
CLEANSTART-2026-BB70412
CLEANSTART-2026-BB83999
CLEANSTART-2026-BD19566
CLEANSTART-2026-BG69533
CLEANSTART-2026-BM53321
CLEANSTART-2026-BN28456
CLEANSTART-2026-BR79647
CLEANSTART-2026-BT04364
CLEANSTART-2026-BU65096
CLEANSTART-2026-CB00984
CLEANSTART-2026-CC08450
CLEANSTART-2026-CD13174
CLEANSTART-2026-CD71342
CLEANSTART-2026-CD91667
CLEANSTART-2026-CE10526
CLEANSTART-2026-CN84623
CLEANSTART-2026-CR55131
CLEANSTART-2026-CS02869
CLEANSTART-2026-DA99134
CLEANSTART-2026-DK45320
CLEANSTART-2026-DM19620
CLEANSTART-2026-DM93480
CLEANSTART-2026-DN70218
CLEANSTART-2026-DO31246
CLEANSTART-2026-DR81473
CLEANSTART-2026-DV49899
CLEANSTART-2026-DW32113
CLEANSTART-2026-EI06494
CLEANSTART-2026-EM93403
CLEANSTART-2026-EP10142
CLEANSTART-2026-FB07695
CLEANSTART-2026-FH54780
CLEANSTART-2026-FH63386
CLEANSTART-2026-FK40318
CLEANSTART-2026-FV86809
CLEANSTART-2026-GB02436
CLEANSTART-2026-GB36430
CLEANSTART-2026-GB46352
CLEANSTART-2026-GB83728
CLEANSTART-2026-GG06672
CLEANSTART-2026-GR41888
CLEANSTART-2026-GW28934
CLEANSTART-2026-GY48351
CLEANSTART-2026-GY76045
CLEANSTART-2026-GZ35045
CLEANSTART-2026-HF07497
CLEANSTART-2026-HI89495
CLEANSTART-2026-HK01840
CLEANSTART-2026-HM31566
CLEANSTART-2026-HQ88036
CLEANSTART-2026-IO64893
CLEANSTART-2026-IP78312
CLEANSTART-2026-IS19112
CLEANSTART-2026-IW91368
CLEANSTART-2026-IY98831
CLEANSTART-2026-JO51351
CLEANSTART-2026-JQ70227
CLEANSTART-2026-JV26120
CLEANSTART-2026-JY63371
CLEANSTART-2026-JZ43336
CLEANSTART-2026-KA21986
CLEANSTART-2026-KC83705
CLEANSTART-2026-KF86214
CLEANSTART-2026-KL61187
CLEANSTART-2026-KT28044
CLEANSTART-2026-LA67881
CLEANSTART-2026-LG79681
CLEANSTART-2026-LI56163
CLEANSTART-2026-LK73694
CLEANSTART-2026-LM43244
CLEANSTART-2026-LN66182
CLEANSTART-2026-LO63022
CLEANSTART-2026-LO90739
CLEANSTART-2026-LT10352
CLEANSTART-2026-LZ60917
CLEANSTART-2026-MI12470
CLEANSTART-2026-MI82983
CLEANSTART-2026-MK07381
CLEANSTART-2026-ML42911
CLEANSTART-2026-MR50866
CLEANSTART-2026-MV81821
CLEANSTART-2026-MW24969
CLEANSTART-2026-MW66533
CLEANSTART-2026-MX15076
CLEANSTART-2026-MX56097
CLEANSTART-2026-MZ44265
CLEANSTART-2026-NB51079
CLEANSTART-2026-NB55984
CLEANSTART-2026-NB83265
CLEANSTART-2026-NG28268
CLEANSTART-2026-NG75665
CLEANSTART-2026-NS33477
CLEANSTART-2026-NT10973
CLEANSTART-2026-NX54250
CLEANSTART-2026-OD56729
CLEANSTART-2026-OF37807
CLEANSTART-2026-OH43332
CLEANSTART-2026-OH47925
CLEANSTART-2026-OR40192
CLEANSTART-2026-OU18540
CLEANSTART-2026-PE52216
CLEANSTART-2026-PK19530
CLEANSTART-2026-PM81907
CLEANSTART-2026-PY36202
CLEANSTART-2026-QL45485
CLEANSTART-2026-QN98167
CLEANSTART-2026-QO29688
CLEANSTART-2026-QO30809
CLEANSTART-2026-QP84300
CLEANSTART-2026-QR52625
CLEANSTART-2026-QS28268
CLEANSTART-2026-QS87161
CLEANSTART-2026-QU88766
CLEANSTART-2026-RR42740
CLEANSTART-2026-RX06063
CLEANSTART-2026-SE34232
CLEANSTART-2026-SO13464
CLEANSTART-2026-SV08737
CLEANSTART-2026-TC76376
CLEANSTART-2026-TD06078
CLEANSTART-2026-TD94714
CLEANSTART-2026-TE02851
CLEANSTART-2026-TH33219
CLEANSTART-2026-TK06108
CLEANSTART-2026-TL66481
CLEANSTART-2026-TZ10716
CLEANSTART-2026-UF28691
CLEANSTART-2026-UO31069
CLEANSTART-2026-UQ68343
CLEANSTART-2026-UW03847
CLEANSTART-2026-UX07516
CLEANSTART-2026-UY10441
CLEANSTART-2026-VU08393
CLEANSTART-2026-VW96633
CLEANSTART-2026-VZ08395
CLEANSTART-2026-WA14162
CLEANSTART-2026-WA84208
CLEANSTART-2026-WB12909
CLEANSTART-2026-WB86581
CLEANSTART-2026-WB89098
CLEANSTART-2026-WL14185
CLEANSTART-2026-WO11084
CVE-2026-32289
GO-2026-4865
OPENSUSE-SU-2026:10514-1
OPENSUSE-SU-2026:10525-1
OPENSUSE-SU-2026:20570-1
OPENSUSE-SU-2026:20571-1
RHSA-2026:7291
RHSA-2026:7385
SUSE-SU-2026:1320-1
SUSE-SU-2026:1321-1
SUSE-SU-2026:1580-1
SUSE-SU-2026:1581-1

Produtos afetados

Javascript Template Literals
Red Os