3 matches found
Malicious code in node-oauth-walkthrough (npm)
The package node-oauth-walkthrough was found to contain malicious code...
MAL-2025-27636 Malicious code in node-oauth-walkthrough (npm)
The package node-oauth-walkthrough was found to contain malicious code...
GHSA-4RG6-FM25-GC34 oauth2-server through 3.1.1 vulnerable to Open Redirect
In oauth2-server aka node-oauth2-server through 3.1.1, the value of the redirecturi parameter received during the authorization and token request is checked against an incorrect URI pattern a-zA-Za-zA-Z0-9+.-+: before making a redirection. This allows a malicious client to pass an XSS payload...