2 matches found
CVE-2021-3189
The slashify package 1.0.0 for Node.js allows open-redirect attacks, as demonstrated by a localhost:3000///example.com/ substring...
CVE-2021-3189
CVE-2021-3189 affects the npm package slashify (version 1.0.0) for Node.js, which normalises routes but does not validate redirection targets. Exploitation involves open redirects (example: localhost:3000///example.com/ redirects to a different domain), enabling phishing-like redirects. Public ad...