Vulnerabilities > Auth0 > Lock > 11.14.0

DATE CVE VULNERABILITY TITLE RISK
2021-06-04 CVE-2021-32641 Cross-site Scripting vulnerability in Auth0 Lock
auth0-lock is Auth0's signin solution.
network
auth0 CWE-79
4.3
4.3
2020-08-20 CVE-2020-15119 Cross-site Scripting vulnerability in Auth0 Lock
In auth0-lock versions before and including 11.25.1, dangerouslySetInnerHTML is used to update the DOM.
network
auth0 CWE-79
3.5
3.5
2020-02-03 CVE-2019-20174 Cross-site Scripting vulnerability in Auth0 Lock
Auth0 Lock before 11.21.0 allows XSS when additionalSignUpFields is used with an untrusted placeholder.
network
auth0 CWE-79
4.3
4.3