author name -update

patch-1
pussycat0x 2023-11-06 21:47:02 +05:30 committed by GitHub
parent 44d515e886
commit aa0d91dc6f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions

@ -2,7 +2,7 @@ id: CVE-2022-0087
info:
name: Open Redirect and Reflected XSS on Keystone 6 Login Page
author: Shivansh Khari
author: ShivanshKhari
severity: medium
description: On the login page, there is a "from=" parameter in URL which is vulnerable to open redirect and can be escalated to reflected XSS.
remediation: Please upgrade to @keystone-6/auth >= 1.0.2, where this vulnerability has been closed. If you are using @keystone-next/auth, we strongly recommend you upgrade to @keystone-6
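
Review bot: The `author:` value is the only thing that differs in this hunk (`Shivansh Khari` and `ShivanshKhari`), and neither the hunk nor the commit message "author name -update" says why the spelling changed. If the field is meant to carry the contributor's handle, confirm that the new value is spelled exactly as in this author's other templates, so that any author-based filtering or attribution keeps matching all of them, and add a sentence to the commit message stating the reason. The `id`, `severity`, `description` and `remediation` lines are unchanged context, so the template's detection behaviour is not affected by this edit.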