CVE-2024-36361 | Pug up to 3.0.2 Template Compiler cross site scripting

A vulnerability was found in Pug up to 3.0.2. It has been declared as problematic. This vulnerability affects the function compileClient/compileFileClient/compileClientWithDependenciesTracked of the component Template Compiler. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2024-36361. The attack can be initiated remotely. There is no exploit available.

The real existence of this vulnerability is still doubted at the moment.

It is recommended to apply a patch to fix this issue.

CVE-2024-36361 | Pug up to 3.0.2 Template Compiler cross site scripting

Related Posts

CVE-2024-2364 | Musicshelf 1.0/1.1 on Android Backup androidmanifest.xml backup

CVE-2022-29409 | ThingsForRestaurants Quick Restaurant Reservations Plugin up to 1.4.1 on WordPress cross site scripting

CVE-2023-44253 | Fortinet FortiManager/FortiAnalyzer up to 6.2.12/6.4.14/7.0.11/7.2.3/7.4.1 HTTP information disclosure (FG-IR-23-268)

CVE-2024-1122 | Event Manager, Events Calendar, Events Tickets for WooCommerce Plugin Events Export authorization