Vulnerabilities > Auth0 > Lock > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-05-05 CVE-2022-29172 Cross-site Scripting vulnerability in Auth0 Lock
Auth0 is an authentication broker that supports both social and enterprise identity providers, including Active Directory, LDAP, Google Apps, and Salesforce.
network
low complexity
auth0 CWE-79
6.1
6.1
2021-06-04 CVE-2021-32641 Cross-site Scripting vulnerability in Auth0 Lock
auth0-lock is Auth0's signin solution.
network
auth0 CWE-79
4.3
4.3
2020-02-03 CVE-2019-20174 Cross-site Scripting vulnerability in Auth0 Lock
Auth0 Lock before 11.21.0 allows XSS when additionalSignUpFields is used with an untrusted placeholder.
network
auth0 CWE-79
4.3
4.3