Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1
CVE-2023-2142
- EPSS 0.12%
- Published 26.11.2024 12:15:18
- Last modified 24.06.2025 16:42:52
In Nunjucks versions prior to version 3.2.4, it was possible to bypass the restrictions which are provided by the autoescape functionality. If there are two user-controlled parameters on the same line used in the views, it was possible to inject c...
6.1
CVE-2016-10547
- EPSS 0.38%
- Published 31.05.2018 20:29:01
- Last modified 21.11.2024 02:44:14
Nunjucks is a full featured templating engine for JavaScript. Versions 2.4.2 and lower have a cross site scripting (XSS) vulnerability in autoescape mode. In autoescape mode, all template vars should automatically be escaped. By using an array for th...
1