Hapi Crumb
1 CVEs
product
Monthly
The Crumb plugin before 3.0.0 for Node.js does not properly restrict token access in situations where a hapi route handler has CORS enabled, which allows remote attackers to obtain sensitive. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.
Node.js
Authentication Bypass
Hapi Crumb
NVD
GitHub
CVSS 2.0
5.8
EPSS
0.2%
CVE-2014-7193
npm
EPSS 0%
CVSS 5.8
MEDIUM
PATCH
This Month
The Crumb plugin before 3.0.0 for Node.js does not properly restrict token access in situations where a hapi route handler has CORS enabled, which allows remote attackers to obtain sensitive. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.
Node.js
Authentication Bypass
Hapi Crumb
NVD
GitHub