Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Koa-remove-trailing-slashes Project Subscribe
Filtered by product Koa-remove-trailing-slashes
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-23384 1 Koa-remove-trailing-slashes Project 1 Koa-remove-trailing-slashes 2024-02-28 5.8 MEDIUM 5.4 MEDIUM
The package koa-remove-trailing-slashes before 2.0.2 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint (such as https://example.com//attacker.example/). The vulnerable code is in index.js::removeTrailingSlashes(), as the web server uses relative URLs instead of absolute URLs.

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024