Vulnerabilities > Keystonejs > Keystone > 0.1.20
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-15 | CVE-2023-40027 | Unspecified vulnerability in Keystonejs Keystone Keystone is an open source headless CMS for Node.js — built with GraphQL and React. | 5.3 |
| 2023-06-13 | CVE-2023-34247 | Unspecified vulnerability in Keystonejs Keystone Keystone is a content management system for Node.JS. | 4.1 |
| 2022-01-12 | CVE-2022-0087 | Unspecified vulnerability in Keystonejs Keystone keystone is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 6.1 |
| 2018-05-29 | CVE-2015-9240 | Credentials Management vulnerability in Keystonejs Keystone Due to a bug in the the default sign in functionality in the keystone node module before 0.3.16, incomplete email addresses could be matched. | 7.5 |
| 2017-10-24 | CVE-2017-15881 | Cross-site Scripting vulnerability in Keystonejs Keystone Cross-Site Scripting vulnerability in KeystoneJS before 4.0.0-beta.7 allows remote authenticated administrators to inject arbitrary web script or HTML via the "content brief" or "content extended" field, a different vulnerability than CVE-2017-15878. | 4.8 |