handlebars prior to 3.0.8 or 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Objects'
__defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads.
Upgrade to version 3.0.8, 4.3.0 or later.
publishedAdvisory PublishedSep 24th, 2019
reportedReported by itsznSep 16th, 2019