CVE-2021-23383

MEDIUM

handlebars < 4.7.7 - Prototype Pollution via Template Compilation


Exploitation Summary

EIP tracks 2 public exploits for CVE-2021-23383. PoCs published by fazilbaig1 and dn9uy3n.

Description

The package handlebars before 4.7.7 is vulnerable to Prototype Pollution when certain compile options are selected while compiling templates that come from an untrusted source.

Exploits (2)

nomisec · WORKING POC · 1 star
by fazilbaig1 · poc
https://github.com/fazilbaig1/CVE-2021-23383

This repository contains a functional exploit and scanner for CVE-2021-23383, a Prototype Pollution vulnerability in Handlebars versions before 4.7.7. The exploit sends a crafted template payload to trigger the vulnerability, while the scanner checks for vulnerable Handlebars versions.

Classification: Working PoC (90%)
Attack Type: Other
Complexity: Trivial
Reliability: Reliable
Target: Handlebars < 4.7.7
Authentication: No auth needed
Prerequisites: Target server running a vulnerable version of Handlebars · Network access to the target server
devstral-2 · analyzed Feb 18, 2026
nomisec · SCANNER · 1 star
by dn9uy3n · poc
https://github.com/dn9uy3n/Check-CVE-2021-23383

This repository contains a Python script that scans for the presence of vulnerable versions of the Handlebars library (CVE-2021-23383) by checking script tags in a webpage. It does not exploit the vulnerability but detects it by version assessment.

Classification: Scanner (95%)
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Handlebars library versions < 4.7.7
Authentication: No auth needed
Prerequisites: Access to the target webpage
devstral-2 · analyzed Feb 18, 2026

References (6)

Core References (6)
https://snyk.io/vuln/SNYK-JS-HANDLEBARS-1279029 · Exploit, Patch, Third Party Advisory (x_refsource_misc)
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1279030 · Exploit, Patch, Third Party Advisory (x_refsource_misc)
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1279031 · Exploit, Patch, Third Party Advisory (x_refsource_misc)
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1279032 · Exploit, Patch, Third Party Advisory (x_refsource_misc)
https://security.netapp.com/advisory/ntap-20210618-0007/ · Third Party Advisory (x_refsource_confirm)

Scores

CVSS v3: 5.6
EPSS: 0.0567
EPSS Percentile: 90.6%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Details

CWE: CWE-1321
Status: published
Products (3):
handlebarsjs/handlebars < 4.7.7
netapp/e-series_performance_analyzer
npm/handlebars 0 - 4.7.7
Published: May 04, 2021
Tracked Since: Feb 18, 2026