Description
mustache package before 2.2.1 for Node.js allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging a template with an attribute that is not quoted.
Remediation
References
Related Vulnerabilities
WordPress Plugin 3D Slider Slice Box Multiple Cross-Site Scripting Vulnerabilities (1.0)
WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Remote Code Execution (5.0.0)
phpBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-7143)
WordPress Plugin XML Sitemap & Google News feeds Cross-Site Scripting (4.5)