Description
Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads.
Remediation
References
Related Vulnerabilities
WordPress Plugin All-in-One Addons for Elementor-WidgetKit Cross-Site Scripting (2.4.3)
WordPress Plugin Slideshow Gallery LITE Multiple Unspecified Vulnerabilities (1.5.3.3)
MySQL CVE-2020-14769 Vulnerability (CVE-2020-14769)
Chamilo URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-9540)