Description Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function. Remediation References CVE-2021-23337 Related Vulnerabilities WordPress Plugin SSL Insecure Content Fixer Information Disclosure (2.0.0) Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-3227) Oracle Database Server CVE-2006-0259 Vulnerability (CVE-2006-0259) WordPress Plugin WooCommerce Product Feed for Google, Facebook, eBay and Many More Cross-Site Request Forgery (1.5.24) TCExam Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-4237) Severity High Classification CVE-2021-23337 CWE-138 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities