CVE-2022-0087 – Cross-site Scripting (XSS) - Reflected in keystonejs/keystone
https://notcve.org/view.php?id=CVE-2022-0087
keystone is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') • https://github.com/keystonejs/keystone/commit/96bf833a23b1a0a5d365cf394467a943cc481b38 https://huntr.dev/bounties/c9d7374f-2cb9-4bac-9c90-a965942f413e • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-32624 – Private Field data leak
https://notcve.org/view.php?id=CVE-2021-32624
Keystone 5 is an open source CMS platform to build Node.js applications. This security advisory relates to a newly discovered capability in our query infrastructure to directly or indirectly expose the values of private fields, bypassing the configured access control. This is an access control related oracle attack in that the attack method guides an attacker during their attempt to reveal information they do not have access to. The complexity of completing the attack is limited by some length-dependent behaviors and the fidelity of the exposed information. Under some circumstances, field values or field value meta data can be determined, despite the field or list having `read` access control configured. • https://github.com/keystonejs/keystone-5/security/advisories/GHSA-27g8-r9vw-765x • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-9240
https://notcve.org/view.php?id=CVE-2015-9240
Due to a bug in the default sign in functionality in the keystone node module before 0.3.16, incomplete email addresses could be matched. A correct password is still required to complete sign in. • https://nodesecurity.io/advisories/60 • CWE-255: Credentials Management Errors •
CVE-2017-16570 – KeystoneJS < 4.0.0-beta.7 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2017-16570
KeystoneJS before 4.0.0-beta.7 allows application-wide CSRF bypass by removing the CSRF parameter and value, aka SecureLayer7 issue number SL7_KEYJS_03. In other words, it fails to reject requests that lack an x-csrf-token header. • https://www.exploit-db.com/exploits/43922 http://blog.securelayer7.net/keystonejs-open-source-penetration-testing-report https://github.com/keystonejs/keystone/issues/4437 https://github.com/keystonejs/keystone/pull/4478 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2017-15881
https://notcve.org/view.php?id=CVE-2017-15881
Cross-Site Scripting vulnerability in KeystoneJS before 4.0.0-beta.7 allows remote authenticated administrators to inject arbitrary web script or HTML via the "content brief" or "content extended" field, a different vulnerability than CVE-2017-15878. • http://blog.securelayer7.net/keystonejs-open-source-penetration-testing-report http://www.securityfocus.com/bid/101541 https://github.com/keystonejs/keystone/issues/4437 https://github.com/keystonejs/keystone/pull/4478 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •