1 matches found
Cross-site Scripting (XSS)
@auth0/nextjs-auth0 is vulnerable to cross-site scripting. An attacker is able to inject and execute malicious code via an error query parameter processed by the callback handler as an error message...