You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I just wanted to Inform you that currently in the custom Policy Starterpack the TrustFrameworkBase.xml File comes with Handlebars Runtime version 4.7.6.
This Version has currently two critical exploits:
CVE-2021-23369 CVSS 3.x: 5.6 Medium (Snyk), 9.8 Critical (NVD) CVE-2021-23383 CVSS 3.x: 5.6 Medium (Snyk), 9.8 Critical (NVD)
Hey,
I just wanted to Inform you that currently in the custom Policy Starterpack the TrustFrameworkBase.xml File comes with Handlebars Runtime version 4.7.6.
This Version has currently two critical exploits:
CVE-2021-23369 CVSS 3.x: 5.6 Medium (Snyk), 9.8 Critical (NVD)
CVE-2021-23383 CVSS 3.x: 5.6 Medium (Snyk), 9.8 Critical (NVD)
A fast fix for this Issue would be to update the Handlebars versions corresponding to: https://learn.microsoft.com/en-us/azure/active-directory-b2c/page-layout#jquery-and-handlebars-versions. The exploit should be closed with update 4.7.7.
Regards, Andreas
The text was updated successfully, but these errors were encountered: