Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:45 p.m.19 views

CVE-2021-32641

auth0-lock is Auth0's signin solution. Versions of nauth0-lock before and including 11.30.0 are vulnerable to reflected XSS. An attacker can execute arbitrary code when the library's flashMessage feature is utilized and user input or data from URL parameters is incorporated into the flashMessage ...

8.1CVSS7.5AI score0.01539EPSS
Exploits1References1
OSV
OSV
added 2021/06/04 9:15 p.m.17 views

CVE-2021-32641

auth0-lock is Auth0's signin solution. Versions of nauth0-lock before and including 11.30.0 are vulnerable to reflected XSS. An attacker can execute arbitrary code when the library's flashMessage feature is utilized and user input or data from URL parameters is incorporated into the flashMessage ...

6.1CVSS7.5AI score
Exploits0References3
Cvelist
Cvelist
added 2021/06/04 9:10 p.m.51 views

CVE-2021-32641 Reflected XSS when using flashMessages

auth0-lock is Auth0's signin solution. Versions of nauth0-lock before and including 11.30.0 are vulnerable to reflected XSS. An attacker can execute arbitrary code when the library's flashMessage feature is utilized and user input or data from URL parameters is incorporated into the flashMessage ...

8.1CVSS8.5AI score0.01539EPSS
Exploits1References3
CVE
CVE
added 2021/06/04 9:10 p.m.101 views

CVE-2021-32641

CVE-2021-32641 affects Auth0-lock (Auth0’s signin solution). Versions up to and including 11.30.0 are vulnerable to a reflected XSS when user input from URL parameters is injected into the library’s flashMessage or languageDictionary features. The issue is addressed in version 11.30.1, which patc...

8.1CVSS6.9AI score0.01539EPSS
Exploits1References3Affected Software1
vulnersOsv
vulnersOsv
added 2021/06/04 7:10 p.m.4 views

@apim/auth0-lock-redux (>=1.0.0 <=1.0.2), @brudi-toolbox/id (>=1.4.5-next.1 <=2.0.4-next.2) +36 more potentially affected by CVE-2021-32641 via auth0-lock (>=10.14.0 <=11.28.1)

auth0-lock NPM version =10.14.0, =1.0.0, =1.4.5-next.1, =2.2.0, =1.0.0, =0.1.0, =0.3.0, =0.0.1, =1.0.0, =0.1.0, =0.5.3, =0.1.13, =1.0.0, =0.0.1, =0.0.5 - auth0-react-sample =1.0.0 and more Source cves: CVE-2021-32641 Source advisory: OSV:GHSA-JR3J-WHM4-9WWM...

8.1CVSS6.6AI score0.01539EPSS
Exploits1
Rows per page
Query Builder