Description
mustache package before 2.2.1 for Node.js allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging a template with an attribute that is not quoted.
Remediation
References
Related Vulnerabilities
WordPress Plugin PowerPress Podcasting by Blubrry Unspecified Vulnerability (8.6.1)
WordPress Plugin VaultPress Remote Code Execution (1.9.0)
WordPress Plugin WP Social Bookmarking Light Cross-Site Scripting (1.7.9)
Atlassian Jira CVE-2019-20403 Vulnerability (CVE-2019-20403)
MySQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1626)