Vulnerabilities

1 via 1 paths

Dependencies

78

Source

GitHub

Commit

64c40f96

Find, fix and prevent vulnerabilities in your code.

Severity
  • 1
Status
  • 1
  • 0
  • 0

medium severity
new

Open Redirect

  • Vulnerable module: koa
  • Introduced through: koa@3.0.1

Detailed paths

  • Introduced through: browser-ava@arlac77/browser-ava#64c40f96d161da1021dd07c59907f895382bbd5a koa@3.0.1

Overview

koa is a Koa web app framework

Affected versions of this package are vulnerable to Open Redirect via the redirect function in lib/response.js due to improper input sanitization. An attacker can redirect users to arbitrary external sites by exploiting this vulnerability.

Remediation

A fix was pushed into the master branch but not yet published.

References