CVE-2021-3189

Published February 19th, 2021

View on NVD ↗

CVSS v3

6.1

MEDIUM

CVSS v2

5.8

MEDIUM

Affected

1

PROJECT

Description

The slashify package 1.0.0 for Node.js allows open-redirect attacks, as demonstrated by a localhost:3000///example.com/ substring.

Express/Connect middleware to handle trailing slashes with options

NPM