VYPR

npm package

flintcms

pkg:npm/flintcms

Vulnerabilities (1)

  • CVE-2018-3783CriAug 17, 2018
    affected < 1.1.10fixed 1.1.10

    A privilege escalation detected in flintcms versions <= 1.1.9 allows account takeover due to blind MongoDB injection in password reset.