A vulnerability classified as critical has been found in Pallets Jinja up to 3.1.4. Affected is the function
str.format
. The manipulation leads to improper neutralization of special elements used in a template engine.
This vulnerability is traded as CVE-2024-56326. Attacking locally is a requirement. There is no exploit available.
It is recommended to upgrade the affected component.