Description
The package handlebars before 4.7.7 are vulnerable to Remote Code Execution (RCE) when selecting certain compiling options to compile templates coming from an untrusted source.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2022-39399 Vulnerability (CVE-2022-39399)
WordPress Plugin WP Easy Gallery 'add-gallery.php' Arbitrary File Upload (1.8)
WordPress Plugin Japanized For WooCommerce Cross-Site Scripting (2.5.6)
WordPress Plugin WP Socializer-Simple & Easy Social Media Share Icons Cross-Site Scripting (7.2)
CubeCart Missing Authorization Vulnerability (CVE-2025-59413)