5 matches found
EUVD-2017-0189
Malware in sbrugna...
CVE-2014-7193
The Crumb plugin before 3.0.0 for Node.js does not properly restrict token access in situations where a hapi route handler has CORS enabled, which allows remote attackers to obtain sensitive information, and potentially obtain the ability to spoof requests to non-CORS routes, via a crafted web si...
Design/Logic Flaw
The Crumb plugin before 3.0.0 for Node.js does not properly restrict token access in situations where a hapi route handler has CORS enabled, which allows remote attackers to obtain sensitive information, and potentially obtain the ability to spoof requests to non-CORS routes, via a crafted web si...
CVE-2014-7193
The Crumb plugin before 3.0.0 for Node.js does not properly restrict token access in situations where a hapi route handler has CORS enabled, which allows remote attackers to obtain sensitive information, and potentially obtain the ability to spoof requests to non-CORS routes, via a crafted web si...
CVE-2014-7193
CVE-2014-7193 affects the Crumb plugin for Node.js prior to 3.0.0. When a hapi route has CORS enabled, token access is not properly restricted, potentially allowing remote attackers to obtain sensitive information and possibly spoof requests to non-CORS routes via a crafted site visited by an app...