Vulnerable Package issue exists @ Npm-auth0-lock-11.20.2 in branch master
Auth0 Lock before 11.21.0 allows XSS when additionalSignUpFields is used with an untrusted placeholder.
Namespace: Abdul1110
Repository: TEST_ORION
Repository Url: https://github.com/Abdul1110/TEST_ORION
CxAST-Project: Abdul1110/TEST_ORION
CxAST platform scan: 19490220-b272-4b92-94fa-50af22248f60
Branch: master
Application: TEST_ORION
Severity: MEDIUM
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-79
Addition Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: LOW
Availability impact: NONE
Remediation Upgrade Recommendation: 11.30.1
References
Advisory
Advisory
Release Note
Commit
Vulnerable Package issue exists @ Npm-auth0-lock-11.20.2 in branch master
Auth0 Lock before 11.21.0 allows XSS when additionalSignUpFields is used with an untrusted placeholder.
Namespace: Abdul1110
Repository: TEST_ORION
Repository Url: https://github.com/Abdul1110/TEST_ORION
CxAST-Project: Abdul1110/TEST_ORION
CxAST platform scan: 19490220-b272-4b92-94fa-50af22248f60
Branch: master
Application: TEST_ORION
Severity: MEDIUM
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-79
Addition Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: LOW
Availability impact: NONE
Remediation Upgrade Recommendation: 11.30.1
References
Advisory
Advisory
Release Note
Commit