The vulnerability was explicitly addressed by removing redirect functionality in PR #8626. The commit messages and PR title indicate the redirect logic in authentication flows was the attack surface. Open redirect vulnerabilities typically involve improper validation of URL parameters in redirection handlers, which aligns with the CWE-601 description and the mitigation strategy of removing the feature entirely.

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| @keystone-6/auth | npm | < 7.0.0 | 7.0.0 |