Cross-site Request Forgery (CSRF) Affecting keystone Open this link in a new tab package, versions <0.2.34
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
25 Dec 2017
28 Nov 2014
Mickael van der Beek
Introduced: 28 Nov 2014CWE-352 Open this link in a new tab
How to fix?
keystone to version 0.2.34 or higher.
keystone is a web Application Framework and Admin GUI / Content Management System built on Express.js and Mongoose.
Affected versions of the package are vulnerable to Cross-site Request Forgery (CSRF).