Filtered by vendor Karma Project Subscriptions
Filtered by product Karma Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-23495 1 Karma Project 1 Karma 2024-09-16 5.4 Medium
The package karma before 6.3.16 are vulnerable to Open Redirect due to missing validation of the return_url query parameter.
CVE-2022-0437 1 Karma Project 1 Karma 2024-08-02 6.1 Medium
Cross-site Scripting (XSS) - DOM in NPM karma prior to 6.3.14.