{"id":"CVE-2026-5090","summary":"Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected","details":"Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected.\n\nThe html_filter function did not escape single quotes. HTML attributes inside of single quotes could have code injected. For example, the variable \"var\" in\n\n    \u003ca id='ref' title='[% var | html %]'\u003e\n\nwould not be properly escaped. An attacker could insert some limited HTML and JavaScript, for example,\n\n    var = \" ' onclick='while (true) { alert(1) }'\"\n\nNote that arbitrary HTML and JavaScript would be difficult to inject, because angle brackets, ampersands and double-quotes would still be escaped.","modified":"2026-06-18T03:56:38.340344334Z","published":"2026-05-19T21:30:03.552Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/5xxx/CVE-2026-5090.json","cna_assigner":"CPANSec","cwe_ids":["CWE-79"]},"references":[{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/05/19/40"},{"type":"WEB","url":"https://cpan.org/modules"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/5xxx/CVE-2026-5090.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-5090"},{"type":"REPORT","url":"https://github.com/abw/Template2/issues/327"},{"type":"FIX","url":"https://github.com/abw/Template2/pull/337/changes/11c78a7a771d4af505efeb754a0b8775689c2eae"},{"type":"PACKAGE","url":"https://github.com/abw/Template2"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/cpan-authors/Template2","events":[{"introduced":"0"},{"fixed":"fa6e0a8a90a1e58fb170a9d183e040be0420648f"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"last_affected":"3.102"},{"introduced":"0"},{"fixed":"3.102"}],"source":["AFFECTED_FIELD","DESCRIPTION"]}}],"versions":["v3.101","v3.010","v3.009","v3.008","v3.007","v3.006","v3.005","v3.004","v3.003","v3.002","v3.001","v3.000","v2.29","v2.28","v2.27"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-5090.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}