Vulnerabilities > Keystonejs > Keystone > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-08-15 CVE-2023-40027 Unspecified vulnerability in Keystonejs Keystone
Keystone is an open source headless CMS for Node.js — built with GraphQL and React.
network
low complexity
keystonejs
5.3
5.3
2023-06-13 CVE-2023-34247 Unspecified vulnerability in Keystonejs Keystone
Keystone is a content management system for Node.JS.
network
low complexity
keystonejs
4.1
4.1
2022-01-12 CVE-2022-0087 Unspecified vulnerability in Keystonejs Keystone
keystone is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
network
low complexity
keystonejs
6.1
6.1
2017-10-24 CVE-2017-15881 Cross-site Scripting vulnerability in Keystonejs Keystone
Cross-Site Scripting vulnerability in KeystoneJS before 4.0.0-beta.7 allows remote authenticated administrators to inject arbitrary web script or HTML via the "content brief" or "content extended" field, a different vulnerability than CVE-2017-15878.
network
low complexity
keystonejs CWE-79
4.8
4.8
2017-10-24 CVE-2017-15878 Cross-site Scripting vulnerability in Keystonejs Keystone
A cross-site scripting (XSS) vulnerability exists in fields/types/markdown/MarkdownType.js in KeystoneJS before 4.0.0-beta.7 via the Contact Us feature.
network
low complexity
keystonejs CWE-79
6.1
6.1