CVE-2019-20920 — Code Injection in Handlebars

CWE-94 — Code Injection CWE-20 — Improper Input Validation10 documents7 sources

Severity

8.1HIGHNVD

EPSS

0.4%

top 41.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Handlebarsjs Handlebars

Timeline

PublishedSep 30

Latest updateFeb 10

Description

Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrary Code Execution. The lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript. This can be used to run arbitrary code on a server processing Handlebars templates or in a victim's browser (effectively serving as XSS).

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:LExploitability: 2.2 | Impact: 5.3

Affected Packages2 packages

▶NVDhandlebarsjs/handlebars4.0.0 — 4.5.3+1

▶npmhandlebarsjs/handlebars4.0.0 — 4.5.3+1

🔴Vulnerability Details

OSV

Arbitrary Code Execution in Handlebars↗2022-02-10

▶

GHSA

Arbitrary Code Execution in Handlebars↗2022-02-10

▶

CVEList

CVE-2019-20920: Handlebars before 3↗2020-09-30

▶

OSV

CVE-2019-20920: Handlebars before 3↗2020-09-30

▶

📋Vendor Advisories

Red Hat

nodejs-handlebars: lookup helper fails to properly validate templates allowing for arbitrary JavaScript execution↗2019-11-04

▶

Debian

CVE-2019-20920: node-handlebars - Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrary Code Exe...↗2019

▶

💬Community

Bugzilla

CVE-2019-20920 nodejs-handlebars: lookup helper fails to properly validate templates allowing for arbitrary JavaScript execution↗2020-09-24

▶

Bugzilla

CVE-2019-20920 nodejs-handlebars: lookup helper fails to properly validate templates allowing for arbitrary JavaScript execution [epel-all]↗2020-09-24

▶

Bugzilla

CVE-2019-20920 nodejs-handlebars: lookup helper fails to properly validate templates allowing for arbitrary JavaScript execution [fedora-all]↗2020-09-24

▶