2 matches found
CVE-2021-32702
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions before and including 1.4.1 are vulnerable to reflected XSS. An attacker can execute arbitrary code by providing an XSS payload in the error query parameter which is then processed by the...
@perimetre/nextjs-auth (>=0.1.0 <=0.2.1), @zagrajmy/app (>=0.0.1 <=0.1.0-alpha.0) potentially affected by CVE-2021-32702 via @auth0/nextjs-auth0 (>=0.11.0 <=0.16.1)
@auth0/nextjs-auth0 NPM version =0.11.0, =0.1.0, =0.0.1, =0.1.0-alpha.0 Source cves: CVE-2021-32702 Source advisory: OSV:GHSA-954C-JJX6-CXV7...