The State of Open-Source Security - Asankhaya Sharma

Handlebars.js before 4.0.0 and mustache before 2.2.1 does not properly escape attribute values with the equals sign; Allows cross-site scripting through ...
展开查看详情