VYPR

A12n Server

by Curveball

Source repositories

CVEs (1)

  • CVE-2021-29452Apr 16, 2021
    risk 0.00cvss epss 0.01

    a12n-server is an npm package which aims to provide a simple authentication system. A new HAL-Form was added to allow editing users in version 0.18.0. This feature should only have been accessible to admins. Unfortunately, privileges were incorrectly checked allowing any logged…