NVD

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( Dot gov ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Sort results by:

Search Results (Refine Search)

Search Parameters:

Keyword (text search): cpe:2.3:a:handlebars.js_project:handlebars.js:1.0.9:*:*:*:*:node.js:*:*
CPE Name Search: true

There are 1 matching records.

Displaying matches 1 through 1.

Vuln ID	Summary	CVSS Severity
CVE-2015-8861	The handlebars package before 4.0.0 for Node.js allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging a template with an attribute that is not quoted. Published: January 23, 2017; 4:59:00 PM -0500	V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

Search Results (Refine Search)