Vulnerabilities > Keystonejs

DATE	CVE	VULNERABILITY TITLE	RISK
2017-10-24	CVE-2017-15879	Improper Input Validation vulnerability in Keystonejs Keystone 4.0.0 CSV Injection (aka Excel Macro Injection or Formula Injection) exists in admin/server/api/download.js and lib/list/getCSVData.js in KeystoneJS before 4.0.0-beta.7 via a value that is mishandled in a CSV export. network keystonejs CWE-20	6.8
2017-10-24	CVE-2017-15878	Cross-site Scripting vulnerability in Keystonejs Keystone A cross-site scripting (XSS) vulnerability exists in fields/types/markdown/MarkdownType.js in KeystoneJS before 4.0.0-beta.7 via the Contact Us feature. network keystonejs CWE-79	4.3

Vulnerabilities > Keystonejs {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Keystonejs"}]}