RSS   Vulnerabilities for 'Koa-shopify-auth'   RSS

2020-07-02
 
CVE-2020-8176

CWE-79
 

 
A cross-site scripting vulnerability exists in koa-shopify-auth v3.1.61-v3.1.62 that allows an attacker to inject JS payloads into the `shop` parameter on the `/shopify/auth/enable_cookies` endpoint.

 


Copyright 2024, cxsecurity.com

 

Back to Top