Vulnerabilidades em keystonejs
9 resultadosCVE-2022-0087HIGHCross-site Scripting (XSS) - Reflected in keystonejs/keystoneEPSS 2.6%CVE-2022-39382CRITICALNODE_ENV in Keystone defaults to development with esbuildEPSS 1.5%CVE-2022-39322CRITICAL@keystone-6/core vulnerable to field-level access-control bypass for multiselect fieldEPSS 1.1%CVE-2021-32624HIGHPrivate Field data leakEPSS 0.9%CVE-2023-40027LOWConditionally missing authorization in @keystone-6/coreEPSS 0.5%CVE-2023-34247MEDIUM@keystone-6/auth Open Redirect vulnerabilityEPSS 0.4%CVE-2026-10802MEDIUMkeystonejs keystone GraphQL API Endpoint output-field.ts resource consumptionEPSS 0.3%CVE-2026-33326MEDIUM@keystone-6/core: `isFilterable` bypass via `cursor` parameter in findManyEPSS 0.3%CVE-2025-46720LOWKeystone has an unintended `isFilterable` bypass that can be used as an oracle to match hidden fieldsEPSS 0.2%