Description

Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.

Remediation

References

CVE-2021-23337

Related Vulnerabilities

WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-1893)

WordPress Plugin WP-Forum 'forum_feed.php' SQL Injection (1.7.8)

WordPress Plugin Catch Themes Demo Import Security Bypass (1.5)

MediaWiki Other Vulnerability (CVE-2012-5395)

Oracle Application Server CVE-2004-1368 Vulnerability (CVE-2004-1368)

Severity

High

Classification

CVE-2021-23337 CWE-138 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities