Количество 2
Количество 2
CVE-2021-23387
The package trailing-slash before 2.0.1 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint (such as https://example.com//attacker.example/). The vulnerable code is in index.js::createTrailing(), as the web server uses relative URLs instead of absolute URLs.
GHSA-rfhr-62xp-2fp2
Open Redirect in trailing-slash
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-23387 The package trailing-slash before 2.0.1 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint (such as https://example.com//attacker.example/). The vulnerable code is in index.js::createTrailing(), as the web server uses relative URLs instead of absolute URLs. | CVSS3: 5.4 | 0% Низкий | больше 4 лет назад |
| GHSA-rfhr-62xp-2fp2 Open Redirect in trailing-slash | CVSS3: 5.4 | 0% Низкий | больше 4 лет назад |
Уязвимостей на страницу