PT-2017-7493 · Handlebars+1 · Handlebars+1
Published
2017-01-23
·
Updated
2020-04-22
·
CVE-2015-8861
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
handlebars versions prior to 4.0.0
Description
The issue allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging a template with an attribute that is not quoted. This occurs when attributes in handlebar templates are not properly encapsulated, leading to potential execution of malicious scripts. For example, a template like
<a href={{foo}}/> can be exploited with an input like { 'foo' : 'test.com onload=alert(1)'}, resulting in a rendered output of <a href=test.com onload=alert(1)/> that can execute the onload script.Recommendations
Update to version 4.0.0 or later.
Alternatively, ensure that all attributes in handlebars templates are encapsulated with quotes.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Debian
Handlebars