CVE-2024-36361 | Pug up to 3.0.2 Template Compiler cross site scripting

A vulnerability was found in Pug up to 3.0.2. It has been declared as problematic. This vulnerability affects the function compileClient/compileFileClient/compileClientWithDependenciesTracked of the component Template Compiler. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2024-36361. The attack can be initiated remotely. There is no exploit available.

The real existence of this vulnerability is still doubted at the moment.

It is recommended to apply a patch to fix this issue.

CVE-2024-36361 | Pug up to 3.0.2 Template Compiler cross site scripting

Related Posts

CVE-2023-50964 | IBM InfoSphere Information Server 11.7 Web UI cross site scripting (XFDB-276102)

CVE-2024-38211 | Microsoft Dynamics 365 cross site scripting

CVE-2024-2133 | Bdtask Isshue Multi Store eCommerce Shopping Cart Solution Manage Sale Page manage_invoice cross site scripting

CVE-2023-45698 | HCL Sametime up to 12.0.1 FP1 Outlook Add-in clickjacking (KB0109082)