Moderate severity vulnerability that affects keystone

2018-06-07T19:43:20
ID GHSA-39PJ-GQ8Q-9PFJ
Type github
Reporter GitHub Advisory Database
Modified 2019-07-03T21:02:01

Description

Due to a bug in the the default sign in functionality in the keystone node module before 0.3.16, incomplete email addresses could be matched. A correct password is still required to complete sign in.