Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2023/06/14 2:54 p.m.4 views

create-keystone-app-master (>=6.0.21 <=6.0.22) potentially affected by CVE-2023-34247 via @keystone-6/auth (=2.0.0)

@keystone-6/auth NPM version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on @keystone-6/auth and may be impacted: - create-keystone-app-master =6.0.21, =6.0.22 Source cves: CVE-2023-34247 Source advisory: OSV:GHSA-JQXR-VJVV-899M...

6.1CVSS6AI score0.00407EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/06/13 4:31 p.m.13 views

CVE-2023-34247 @keystone-6/auth Open Redirect vulnerability

Keystone is a content management system for Node.JS. There is an open redirect in the @keystone-6/auth package versions 7.0.0 and prior, where the redirect leading / filter can be bypassed. Users may be redirected to domains other than the relative host, thereby it might be used by attackers to...

6.1CVSS6.7AI score0.00407EPSS
Exploits0References2
CVE
CVE
added 2023/06/13 4:31 p.m.51 views

CVE-2023-34247

Keystone is a Node.js-based CMS. There is an Open Redirect in the @keystone-6/auth package up to version 7.0.0, where the redirect leading '/' filter can be bypassed. An attacker may cause users to be redirected to external domains instead of the relative host. Remediation is to apply the patch f...

6.1CVSS5.1AI score0.00407EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/06/13 4:31 p.m.39 views

CVE-2023-34247 @keystone-6/auth Open Redirect vulnerability

Keystone is a content management system for Node.JS. There is an open redirect in the @keystone-6/auth package versions 7.0.0 and prior, where the redirect leading / filter can be bypassed. Users may be redirected to domains other than the relative host, thereby it might be used by attackers to...

6.1CVSS4.8AI score0.00407EPSS
Exploits0References4
Rows per page
Query Builder