Vulnerabilities

1 via 1 paths

Dependencies

78

Source

GitHub

Commit

ab4dd77b

Find, fix and prevent vulnerabilities in your code.

Severity
  • 1
Status
  • 1
  • 0
  • 0

medium severity

Open Redirect

  • Vulnerable module: koa
  • Introduced through: koa@3.0.1

Detailed paths

  • Introduced through: browser-ava@arlac77/browser-ava#ab4dd77b1194863f7ba4dea8ee733c3d1c352097 koa@3.0.1

Overview

koa is a Koa web app framework

Affected versions of this package are vulnerable to Open Redirect via the redirect function in lib/response.js due to improper input sanitization. An attacker can redirect users to arbitrary external sites by exploiting this vulnerability.

Remediation

A fix was pushed into the master branch but not yet published.

References