Lucene search
China National Vulnerability DatabaseCNVD-2022-18007HistoryMar 01, 2022 - 12:00 a.m.
karma input validation error vulnerability
2022-03-0100:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
0.001 Low
EPSS
Percentile
31.0%
karma is a simple tool that allows you to execute JavaScript code in multiple real browsers. karma versions prior to 6.3.16 have a security vulnerability that stems from a lack of validation of returned url query parameters, which could be exploited to perform redirect attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| karma karma | lt | 6.3.16 |
Related
osv
osv
Open redirect in karma
2022-02-26 00:00:38
CVE-2021-23495
2022-02-25 20:15:08
nvd
nvd
CVE-2021-23495
2022-02-25 20:15:08
cve
cve
CVE-2021-23495
2022-02-25 20:15:08
veracode
veracode
Open Redirect
2022-02-28 10:29:32
prion
prion
Open redirect
2022-02-25 20:15:00
cvelist
cvelist
CVE-2021-23495 Open Redirect
2022-02-25 00:00:00
github
github
Open redirect in karma
2022-02-26 00:00:38