lukeed/tempura

Releases8

Frequency5 months 4 days

Last Release almost 2 years ago

Stars529

A light, crispy, and delicious template engine 🍤

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-23784 ↗	Nov 3, 2021Wednesday, 3 November 2021, 18:15	5.4 MEDIUM	4.3 MEDIUM
This affects the package tempura before 0.4.0. If the input to the esc function is of type object (i.e an array) it is returned without being escaped/sanitized, leading to a potential Cross-Site Scripting vulnerability.