CVE-2017-15878

A cross-site scripting (XSS) vulnerability exists in fields/types/markdown/MarkdownType.js in KeystoneJS before 4.0.0-beta.7 via the Contact Us feature.

CVE-2023-34247

Keystone is a content management system for Node.JS. There is an open redirect in the @keystone-6/auth package versions 7.0.0 and prior, where the redirect leading / filter can be bypassed. Users may be redirected to domains other than the relative host, thereby it might be used by attackers to re-...