npm package
@serenity-is/corelib
pkg:npm/%40serenity-is/corelib
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-26318 | — | < 6.8.0 | 6.8.0 | Feb 19, 2024 | Serenity before 6.8.0 allows XSS via an email link because LoginPage.tsx permits return URLs that do not begin with a / character. |
- CVE-2024-26318Feb 19, 2024affected < 6.8.0fixed 6.8.0
Serenity before 6.8.0 allows XSS via an email link because LoginPage.tsx permits return URLs that do not begin with a / character.