Headline
CVE-2019-19919: CVE-2019-19919 - GitHub Advisory Database
Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object’s proto and defineGetter properties, which may allow an attacker to execute arbitrary code through crafted payloads.
Prototype Pollution in handlebars
Critical severity GitHub Reviewed Published Dec 26, 2019 • Updated Jul 26, 2021