Keystone Security Vulnerabilities and Issues — Keystone CVE List

Lucene search

KeystonejsKeystone

1 matches found

CVE•added 2023/08/15 6:15 p.m.•2499 views

CVE-2023-40027

Keystone is an open source headless CMS for Node.js — built with GraphQL and React. When ui.isAccessAllowed is set as undefined, the adminMeta GraphQL query is publicly accessible (no session required). This is different to the behaviour of the default AdminUI middleware, which by default will only...

5.3CVSS4.7AI score0.00256EPSS