13 matches found
CVE-2023-40027
Keystone (Node.js) vulnerability CVE-2023-40027: When ui.isAccessAllowed is undefined, the adminMeta GraphQL query is publicly accessible without a session, potentially exposing admin metadata. Affected users are those relying on a session strategy to restrict access; developers using @keystone-6...
CVE-2022-0087
Keystone 6 login page vulnerability (CVE-2022-0087) involves an open redirect via the from= URL parameter, which can be escalated to reflected XSS. The issue is highlighted in the Nuclei template for Keystone 6 Login Page, describing an open redirect and potential XSS on the authentication flow. ...
CVE-2025-46720
Keystone (Node.js CMS) prior to 6.5.0 has an Access Control Bypass in update/delete mutations: when a where clause uses multiple unique filters, the isFilterable check can be bypassed, enabling inference of hidden field values. The issue is patched in @keystone-6/core v6.5.0. Mitigations from the...
CVE-2017-15878
KeystoneJS prior to 4.0.0-beta.7 contains a cross-site scripting (XSS) flaw in fields/types/markdown/MarkdownType.js exposed via the Contact Us feature. Multiple sources (GHSA entry and exploit reports) describe this as an unauthenticated or remote-exploit path that can deliver arbitrary JavaScri...
CVE-2017-15879
CVE-2017-15879 affects KeystoneJS before 4.0.0-beta.7. The CSV injection vulnerability arises in the CSV export path via values mishandled in admin/server/api/download.js and lib/list/getCSVData.js, enabling Excel macro/formula injection. Documentation indicates the issue exists prior to version ...
CVE-2022-39382
Keystone (Node.js) vulnerability CVE-2022-39382 affects @keystone-6/core versions 3.0.0 and 3.0.1. The issue arises when NODE_ENV is inlined to the string "development" for user code in production builds, potentially triggering security‑sensitive functionality unintentionally. The vulnerability i...
CVE-2017-15881
Technical details for CVE-2017-15881 are not publicly available in the provided documents. Monitor for updates.
CVE-2017-16570
KeystoneJS vulnerability CVE-2017-16570 affects KeystoneJS before 4.0.0-beta.7. The issue is a Cross-Site Request Forgery (CSRF) bypass where requests can bypass CSRF protection by removing the CSRF parameter/value, effectively not rejecting requests that lack an X-CSRF-Token header. Public detai...
CVE-2022-29354
CVE-2022-29354 concerns Keystone CMS, version 4.2.1. The vulnerability is in the File Upload module, where an arbitrary file upload allows an attacker to execute arbitrary code via a crafted file. The description and connected sources confirm the affected software/component and the risk of remote...
CVE-2022-39322
The CVE-2022-39322 entry affects the Keystone 6 ecosystem: @keystone-6/core prior to version 2.3.1, specifically 2.2.0 up to 2.3.0, is vulnerable to a field-level access-control bypass for multiselect fields. The vulnerability arises because field-level access control is not applied to multiselec...
CVE-2015-9240
CVE-2015-9240 affects the keystone node module prior to 0.3.16. The vulnerability is a partial authentication bypass in the default sign-in flow: if an attacker provides a full and correct password but only a partial email address, authentication can be granted. Affected component is the keystone...
CVE-2023-34247
Keystone is a Node.js-based CMS. There is an Open Redirect in the @keystone-6/auth package up to version 7.0.0, where the redirect leading '/' filter can be bypassed. An attacker may cause users to be redirected to external domains instead of the relative host. Remediation is to apply the patch f...
CVE-2026-33326
Summary: Keystone 6 core prior to 6.5.2 had a bypass in isFilterable for findMany via the cursor parameter, allowing potential disclosure by confirming protected field values. The root cause is that the cursor input type reused UniqueWhere checks not patched by the previous fix for CVE-2025-46720...