Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
- Snyk ID npm:auth0-js:20171204
- published 7 Dec 2017
- disclosed 4 Dec 2017
- credit Unknown
A cross-origin vulnerability has been discovered in the Auth0 auth0.js library affecting versions < 8.12. This vulnerability allows an attacker to acquire authenticated user's tokens and invoke services on a user's behalf if the target site or application uses a popup callback page with