Описание
Qwik is a performance focused javascript framework. Prior to version 1.19.0, an Open Redirect vulnerability in Qwik City's default request handler middleware allows a remote attacker to redirect users to arbitrary protocol-relative URLs. Successful exploitation permits attackers to craft convincing phishing links that appear to originate from the trusted domain but redirect the victim to an attacker-controlled site. This issue has been patched in version 1.19.0.
Уязвимые конфигурации
Конфигурация 1Версия до 1.19.0 (исключая)
cpe:2.3:a:qwik:qwik:*:*:*:*:*:node.js:*:*
EPSS
Процентиль: 2%
0.00014
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-601
Связанные уязвимости
CVSS3: 6.1
debian
около 2 месяцев назад
Qwik is a performance focused javascript framework. Prior to version 1 ...
EPSS
Процентиль: 2%
0.00014
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-601