CVE-2024-36361 | Pug up to 3.0.2 Template Compiler cross site scripting

A vulnerability was found in Pug up to 3.0.2. It has been declared as problematic. This vulnerability affects the function compileClient/compileFileClient/compileClientWithDependenciesTracked of the component Template Compiler. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2024-36361. The attack can be initiated remotely. There is no exploit available.

The real existence of this vulnerability is still doubted at the moment.

It is recommended to apply a patch to fix this issue.

CVE-2024-36361 | Pug up to 3.0.2 Template Compiler cross site scripting

Post correlati

CVE-2024-41623 | D3D IP Camera D8801 9.1.17.1.4-20180428 Payload Local Privilege Escalation

CVE-2024-5623 | B&R Industrial Automation B&R APROL up to R 4.4-00P3 untrusted search path

CVE-2024-6252 | Zorlan SkyCaiji up to 2.8 Task onerror cross site scripting

CVE-2024-2529 | MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 /admin/rooms.php unrestricted upload