CVE-2026-33941 | Handlebars up to 4.7.8 lib/precompiler.js cross site scripting (GHSA-xjpj-3mr7-gcpf)

A vulnerability, which was classified as problematic, has been found in Handlebars up to 4.7.8. The affected element is an unknown function in the library lib/precompiler.js. This manipulation causes cross site scripting.

The identification of this vulnerability is CVE-2026-33941. The attack can only be executed locally. There is no exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More