Описание
@misskey-dev/summaly is a tool for getting a summary of a web page. Starting in version 3.0.1 and prior to version 5.2.1, a logic error in the main summaly function causes the allowRedirects option to never be passed to any plugins, and as a result, isn't enforced. Misskey will follow redirects, despite explicitly requesting not to. Version 5.2.1 contains a patch for the issue.
Уязвимые конфигурации
Конфигурация 1Версия от 3.0.1 (включая) до 5.2.1 (исключая)
cpe:2.3:a:misskey:summaly:*:*:*:*:*:node.js:*:*
EPSS
Процентиль: 24%
0.00081
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-601
Связанные уязвимости
EPSS
Процентиль: 24%
0.00081
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-601