VYPR

npm package

react-adal

pkg:npm/react-adal

Vulnerabilities (1)

  • CVE-2020-7787HigDec 9, 2020
    affected < 0.5.1fixed 0.5.1

    This affects all versions of package react-adal. It is possible for a specially crafted JWT token and request URL can cause the nonce, session and refresh values to be incorrectly validated, causing the application to treat an attacker-generated JWT token as authentic. The logica