oidc-provider@1.5.0 vulnerabilities
OAuth 2.0 Authorization Server implementation for Node.js with OpenID Connect
-
latest version
8.6.0
-
latest non vulnerable version
-
first published
9 years ago
-
latest version published
4 days ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the oidc-provider package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
oidc-provider is an OAuth 2.0 Authorization Server with OpenID Connect and many additional features and standards implemented. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). Templates used within How to fix Cross-site Scripting (XSS)? Upgrade |
<6.0.3
|