Lucene search
Veracode Vulnerability DatabaseVERACODE:33621HistoryJan 13, 2022 - 7:05 a.m.
Cross-site Scripting (XSS)
2022-01-1307:05:06
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.001 Low
EPSS
Percentile
41.7%
@keystone-6/auth is vulnerable to cross-site scripting. The vulnerability exists in the pageMiddleware function in index.ts as it does not properly set pathname, allowing an attacker to gain sensitive information by redirecting to malicious websites.
| CPE | Name | Operator | Version |
|---|---|---|---|
| @keystone-6/auth | le | 1.0.1 | |
| @keystone-6/auth | le | 1.0.1 |
Related
osv
osv
Reflected cross-site scripting (XSS) vulnerability
2022-01-12 21:55:40
CVE-2022-0087
2022-01-12 00:15:10
prion
prion
Cross site scripting
2022-01-12 00:15:00
nvd
nvd
CVE-2022-0087
2022-01-12 00:15:10
huntr
huntr
Cross-site Scripting (XSS) - Reflected in keystonejs/keystone
2021-12-30 16:29:15
cvelist
cvelist
CVE-2022-0087 Cross-site Scripting (XSS) - Reflected in keystonejs/keystone
2022-01-11 23:20:11
nuclei
nuclei
Keystone 6 Login Page - Open Redirect and Cross-Site Scripting
2023-11-06 10:22:24
cnvd
cnvd
keystone cross-site scripting vulnerability
2022-01-12 00:00:00
github
github
Reflected cross-site scripting (XSS) vulnerability
2022-01-12 21:55:40
cve
cve
CVE-2022-0087
2022-01-12 00:15:10