Vulnerability	Vulnerable Version
M URL Redirection to Untrusted Site ('Open Redirect') cg is a Clinical Genomics command center Affected versions of this package are vulnerable to URL Redirection to Untrusted Site ('Open Redirect') due to improper validation of the `referrer` header under certain conditions. An attacker can redirect users to malicious websites or phishing pages by manipulating the `referrer` header. How to fix URL Redirection to Untrusted Site ('Open Redirect')? Upgrade `cg` to version 60.2.12 or higher.	[,60.2.12)
M Cross-site Request Forgery (CSRF) cg is a Clinical Genomics command center Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) such that certain endpoints are only reliant on cookies for authentication, making them prone to potential attacks. The affected areas include the admin and invoice endpoints. How to fix Cross-site Request Forgery (CSRF)? Upgrade `cg` to version 26.0.4 or higher.	[,26.0.4)

URL Redirection to Untrusted Site ('Open Redirect')

cg is a Clinical Genomics command center

Affected versions of this package are vulnerable to URL Redirection to Untrusted Site ('Open Redirect') due to improper validation of the referrer header under certain conditions. An attacker can redirect users to malicious websites or phishing pages by manipulating the referrer header.

How to fix URL Redirection to Untrusted Site ('Open Redirect')?

Upgrade cg to version 60.2.12 or higher.

[,60.2.12)

Cross-site Request Forgery (CSRF)

cg is a Clinical Genomics command center

Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) such that certain endpoints are only reliant on cookies for authentication, making them prone to potential attacks. The affected areas include the admin and invoice endpoints.

How to fix Cross-site Request Forgery (CSRF)?

Upgrade cg to version 26.0.4 or higher.

[,26.0.4)

Go back to all versions of this package