Описание
Authentication Weakness in keystone
There is an authentication weakness vulnerability in keystone before version 0.3.16. Due to a bug in the the default sign in functionality, incomplete email addresses could be matched. A correct password is still required to complete sign in.
Пакеты
Наименование
keystone
npm
Затронутые версииВерсия исправления
< 0.3.16
0.3.16