PyPI · Mako · CVE-2026-41205
**Name of the Vulnerable Software and Affected Versions**
Mako versions prior to 1.3.11
**Description**
Mako is a template library written in Python. The `get_template()` method of `TemplateLookup` is susceptible to path traversal when a URI begins with `//`. This occurs due to an inconsistency between two slash-stripping implementations. If an application passes untrusted input directly to `get_template()`, any file readable by the process can be returned as rendered template content.
**Recommendations**
Update to version 1.3.11.
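
As a defence-in-depth measure alongside the upgrade, an application that accepts template names from users can validate them before they reach `get_template()`. The following is an added example, not code from Mako or from this advisory; `resolve_template_uri`, `UnsafeTemplateURI`, and the directory layout and URIs in `demo()` are hypothetical names and constructed sample data.

```python
import os
import posixpath
import tempfile


class UnsafeTemplateURI(ValueError):
    """Raised when a caller-supplied template URI is rejected."""


def resolve_template_uri(uri, template_dir):
    """Return (uri, path) only if uri names a file inside template_dir."""
    if not isinstance(uri, str) or not uri or "\x00" in uri or "\\" in uri:
        raise UnsafeTemplateURI("malformed template URI")
    # The advisory's trigger: refuse a doubled leading slash outright.
    if uri.startswith("//"):
        raise UnsafeTemplateURI("URI begins with //")
    # Normalise once, here, so every later layer sees the same string.
    normalized = posixpath.normpath(uri.lstrip("/"))
    if normalized in (".", "..") or normalized.startswith("../"):
        raise UnsafeTemplateURI("URI escapes the template directory")
    # Containment check on the real path also catches symlinks.
    root = os.path.realpath(template_dir)
    path = os.path.realpath(os.path.join(root, *normalized.split("/")))
    if os.path.commonpath([root, path]) != root or not os.path.isfile(path):
        raise UnsafeTemplateURI("not a file under the template directory")
    return "/" + normalized, path


def demo():
    """Run constructed URIs against a constructed directory tree."""
    results = {}
    with tempfile.TemporaryDirectory() as base:
        templates = os.path.join(base, "templates")
        os.makedirs(templates)
        with open(os.path.join(templates, "index.html"), "w") as fh:
            fh.write("hello")
        with open(os.path.join(base, "secret.txt"), "w") as fh:
            fh.write("outside the template root")
        for uri in ("/index.html", "index.html", "//../secret.txt",
                    "/../secret.txt", "/a/../../secret.txt", "/missing.html"):
            try:
                results[uri] = resolve_template_uri(uri, templates)[0]
            except UnsafeTemplateURI as exc:
                results[uri] = "rejected: " + str(exc)
    return results


if __name__ == "__main__":
    for uri, outcome in demo().items():
        print(f"{uri!r:28} -> {outcome}")
```

Only the normalized URI returned by the validator should be handed to `get_template()`; the original user-supplied string should not be reused after validation.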