Filtered by vendor Karma Project
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-23495 | 1 Karma Project | 1 Karma | 2022-03-08 | 5.8 MEDIUM | 6.1 MEDIUM |
The package karma before 6.3.16 are vulnerable to Open Redirect due to missing validation of the return_url query parameter. | |||||
CVE-2022-0437 | 1 Karma Project | 1 Karma | 2022-02-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site Scripting (XSS) - DOM in NPM karma prior to 6.3.14. |