npm package
@dcl/single-sign-on-client
pkg:npm/%40dcl/single-sign-on-client
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-41049 | — | < 0.1.0 | 0.1.0 | Sep 1, 2023 | @dcl/single-sign-on-client is an open source npm library which deals with single sign on authentication flows. Improper input validation in the `init` function allows arbitrary javascript to be executed using the `javascript:` prefix. This vulnerability has been patched on versi |
- CVE-2023-41049Sep 1, 2023affected < 0.1.0fixed 0.1.0
@dcl/single-sign-on-client is an open source npm library which deals with single sign on authentication flows. Improper input validation in the `init` function allows arbitrary javascript to be executed using the `javascript:` prefix. This vulnerability has been patched on versi