CVE-2026-32236

Backstage is an open framework for building developer portals. Prior to 0.27.1, a Server-Side Request Forgery SSRF vulnerability exists in @backstage/plugin-auth-backend when auth.experimentalClientIdMetadataDocuments.enabled is set to true. The CIMD metadata fetch validates the initial clientid...

@backstage/plugin-auth-backend: SSRF in experimental CIMD metadata fetch

Impact A Server-Side Request Forgery SSRF vulnerability exists in @backstage/plugin-auth-backend when auth.experimentalClientIdMetadataDocuments.enabled is set to true. The CIMD metadata fetch validates the initial clientid hostname against private IP ranges but does not apply the same validation...

@backstage/plugin-auth-backend (>=0.0.0-nightly-20240122021809 <=0.22.11), @backstage/plugin-auth-backend-module-aws-alb-provider (>=0.0.0-nightly-20240126021148 <=0.4.14-next.1) +7 more potentially affected by CVE-2026-32235 via @backstage/plugin-auth-backend (>=0.0.0-nightly-20240929023448 <=0.27.1-next.2)

@backstage/plugin-auth-backend NPM version =0.0.0-nightly-20240929023448, =0.0.0-nightly-20240122021809, =0.0.0-nightly-20240126021148, =0.0.0-nightly-20240122021809, =0.0.0-nightly-2022122206, =0.0.0-nightly-2022122206, =0.0.0-nightly-2022122206, =1.0.0, =1.2.0 -...

@backstage/plugin-auth-backend (>=0.0.0-nightly-20240122021809 <=0.22.11), @backstage/plugin-auth-backend-module-aws-alb-provider (>=0.0.0-nightly-20240126021148 <=0.4.14-next.1) +7 more potentially affected by CVE-2026-32235 via @backstage/plugin-auth-backend (>=0.0.0-nightly-20240929023448 <=0.27.1-next.2)

@backstage/plugin-auth-backend NPM version =0.0.0-nightly-20240929023448, =0.0.0-nightly-20240122021809, =0.0.0-nightly-20240126021148, =0.0.0-nightly-20240122021809, =0.0.0-nightly-2022122206, =0.0.0-nightly-2022122206, =0.0.0-nightly-2022122206, =1.0.0, =1.2.0 -...

PT-2026-25052

Backstage is an open framework for building developer portals. Prior to 0.27.1, a Server-Side Request Forgery SSRF vulnerability exists in @backstage/plugin-auth-backend when auth.experimentalClientIdMetadataDocuments.enabled is set to true. The CIMD metadata fetch validates the initial client id...

EUVD-2021-2600

Malware in sbrugna...

CVE-2021-43776

Backstage is an open platform for building developer portals. In affected versions the auth-backend plugin allows a malicious actor to trick another user into visiting a vulnerable URL that executes an XSS attack. This attack can potentially allow the attacker to exfiltrate access tokens or other...

Cross-Site Scripting vulnerability in @backstage/plugin-auth-backend

Impact This vulnerability allows a malicious actor to trick another user into visiting a vulnerable URL that executes an XSS attack. This attack can potentially allow the attacker to exfiltrate access tokens or other secrets from the user's browser. The default CSP does prevent this attack, but i...

backstage cross-site scripting vulnerability

backstage is an application. Backstage is an open platform for building developer portals Backstage is vulnerable to a cross-site scripting vulnerability that stems from the lack of filtering and escaping of URL parameters in the affected version of the auth-backend plugin. An attacker could use...

CVE-2021-43776

Backstage is an open platform for building developer portals. In affected versions the auth-backend plugin allows a malicious actor to trick another user into visiting a vulnerable URL that executes an XSS attack. This attack can potentially allow the attacker to exfiltrate access tokens or other...

CVE-2021-43776

Backstage is an open platform for building developer portals. In affected versions the auth-backend plugin allows a malicious actor to trick another user into visiting a vulnerable URL that executes an XSS attack. This attack can potentially allow the attacker to exfiltrate access tokens or other...

Design/Logic Flaw

Backstage is an open platform for building developer portals. In affected versions the auth-backend plugin allows a malicious actor to trick another user into visiting a vulnerable URL that executes an XSS attack. This attack can potentially allow the attacker to exfiltrate access tokens or other...

CVE-2021-43776

CVE-2021-43776 is a Cross-Site Scripting vulnerability in the Backstage project, specifically within the auth-backend plugin. Affected versions allow an attacker to trick a user into visiting a vulnerable URL, enabling an XSS attack that could exfiltrate access tokens or other secrets from the us...

CVE-2021-43776 XSS vulnerability in @backstage/plugin-auth-backend

Backstage is an open platform for building developer portals. In affected versions the auth-backend plugin allows a malicious actor to trick another user into visiting a vulnerable URL that executes an XSS attack. This attack can potentially allow the attacker to exfiltrate access tokens or other...

backstage 跨站脚本漏洞

backstage is an application. Backstage is an open platform for building developer portals Backstage is vulnerable to a cross-site scripting vulnerability that stems from the lack of filtering and escaping of URL parameters in the affected version of the auth-backend plugin. An attacker could use...

PYSEC-2020-18

The previous default setting for Airflow's Experimental API was to allow all API requests without authentication, but this poses security risks to users who miss this fact. From Airflow 1.10.11 the default has been changed to deny all requests by default and is documented at...

PYSEC-2020-18

The previous default setting for Airflow's Experimental API was to allow all API requests without authentication, but this poses security risks to users who miss this fact. From Airflow 1.10.11 the default has been changed to deny all requests by default and is documented at...

Improper Certificate Validation in Apache Airflow

The LDAP auth backend airflow.contrib.auth.backends.ldapauth prior to Apache Airflow 1.10.1 was misconfigured and contained improper checking of exceptions which disabled server certificate checking...

PYSEC-2019-143

The LDAP auth backend airflow.contrib.auth.backends.ldapauth prior to Apache Airflow 1.10.1 was misconfigured and contained improper checking of exceptions which disabled server certificate checking...