Description
The package handlebars before 4.7.7 are vulnerable to Remote Code Execution (RCE) when selecting certain compiling options to compile templates coming from an untrusted source.
Remediation
References
Related Vulnerabilities
TYPO3 Cleartext Storage of Sensitive Information Vulnerability (CVE-2021-21339)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1734)
WordPress Plugin WordPress Framework Possible Backdoor (1.0)
WordPress Plugin Brizy-Page Builder Multiple Vulnerabilities (2.3.11)