5.3.0
12 years ago
5 months ago
Known vulnerabilities in the parse package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
parse is a library that gives you access to the powerful Parse Server backend from your JavaScript app. Affected versions of this package are vulnerable to Insufficiently Protected Credentials. The PoC by Diamond Lewis and Colin Ulin
After running the above code, the new password will be stored in localStorage as a property named "password". How to fix Insufficiently Protected Credentials? Upgrade | <2.10.0 |