CVE-2021-37699

Next.js is an open source website development framework to be used with the React library. In affected versions specially encoded paths could be used when pages/error.js was statically generated allowing an open redirect to occur to an external site. In general, this redirect does not directly ha...

Fastify 跨站请求伪造漏洞

Fastify is an OpenJS Foundation open source web framework for Node.js. A security vulnerability exists in Fastify oauth2 that stems from the use of statically generated state parameters in all user requests...