Homepage
About Snyk

pollbot@1.1.4 vulnerabilities

A service that polls other services about releases deliveries.

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the pollbot package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Open Redirect

pollbot is an A service that polls other services about releases deliveries.

Affected versions of this package are vulnerable to Open Redirect. There was an open redirection vulnerability pollbot, which was used in https://pollbot.services.mozilla.com/ and https://pollbot.stage.mozaws.net/An attacker could have redirected anyone to malicious sites.

How to fix Open Redirect?

A fix was pushed into the master branch but not yet published.

[0,)
  • H
Open Redirect

pollbot is an A service that polls other services about releases deliveries.

Affected versions of this package are vulnerable to Open Redirect. An attacker can redirect anyone to malicious sites. To Reproduce type in this URL: https://pollbot.services.mozilla.com//evil.com/. Affected versions will redirect to that website when you inject a payload like //evil.com/.

How to fix Open Redirect?

A fix was pushed into the master branch but not yet published.

[0,)
Go back to all versions of this package