Lucene search

DOM-based XSS in auth0-lock

🗓️ 19 Aug 2020 21:03:05Reported by GitHub Advisory DatabaseType

DOM-based XSS in auth0-lock. Vulnerability in versions before 11.25.

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
Cvelist	CVE-2020-15119 DOM-based XSS in auth0-lock	19 Aug 202021:20	–	cvelist
Veracode	Cross-Site Scripting (XSS)	20 Aug 202002:19	–	veracode
GithubExploit	Exploit for Cross-site Scripting in Auth0 Lock	1 Dec 202009:45	–	githubexploit
Node.js	DOM-based XSS	19 Aug 202021:15	–	nodejs
CVE	CVE-2020-15119	20 Aug 202001:17	–	cve
OSV	GHSA-6GG3-PMM7-97XC DOM-based XSS in auth0-lock	19 Aug 202021:05	–	osv
OSV	CVE-2020-15119	20 Aug 202001:17	–	osv
Prion	Cross site scripting	20 Aug 202001:17	–	prion
NVD	CVE-2020-15119	20 Aug 202001:17	–	nvd

Vulners

Node

auth0-lockRange≤11.25.1

Source	Link
github	www.github.com/auth0/lock/security/advisories/GHSA-6gg3-pmm7-97xc
github	www.github.com/auth0/lock/commit/3711fb5b42afd40073a61a58759251f51e768b1b
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-15119
github	www.github.com/advisories/GHSA-6gg3-pmm7-97xc

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

19 Aug 2020 21:05Current

0.5Low risk

Vulners AI Score0.5

CVSS23.5

CVSS35.4 - 6.4

EPSS0.00282

CWE-79