Vulnerabilities > Doorkeeper Project > Doorkeeper > 4.2.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-12 | CVE-2023-34246 | Improper Authentication vulnerability in Doorkeeper Project Doorkeeper Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. | 6.5 |
| 2018-03-13 | CVE-2018-1000088 | Cross-site Scripting vulnerability in Doorkeeper Project Doorkeeper Doorkeeper version 2.1.0 through 4.2.5 contains a Cross Site Scripting (XSS) vulnerability in web view's OAuth app form, user authorization prompt web view that can result in Stored XSS on the OAuth Client's name will cause users interacting with it will execute payload. | 4.3 |