CVE-2019-19919

Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads.

Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads.

Versions of `handlebars` prior to 3.0.8 or 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Objects' `__proto__` and `__defineGetter__` properties, which may allow an attacker to execute arbitrary code through crafted payloads. ## Recommendation Upgrade to version 3.0.8, 4.3.0 or later.

Versions of `handlebars` prior to 3.0.8 or 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Objects' `__proto__` and `__defineGetter__` properties, which may allow an attacker to execute arbitrary code through crafted payloads. ## Recommendation Upgrade to version 3.0.8, 4.3.0 or later.

Las versiones anteriores a 4.3.0 de handlebars, son vulnerables a la Contaminación de Prototipos conllevando a una ejecución de código remota. Las plantillas pueden alterar las propiedades __proto__ y __defineGetter__ de un Objeto, lo que puede permitir a un atacante ejecutar código arbitrario por medio de cargas útiles diseñadas.