Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Open Redirect
Vulnerability Description
The package trailing-slash before 2.0.1 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint (such as https://example.com//attacker.example/). The vulnerable code is in index.js::createTrailing(), as the web server uses relative URLs instead of absolute URLs.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Vulnerability Type
N/A
Vulnerability Title
trailing-slash 输入验证错误漏洞
Vulnerability Description
trailing-slash是一个应用程序。添加或删除尾部斜杠,然后重定向。 trailing-slash 2.0.1之前版本存在安全漏洞,当访问易受攻击的端点时,通过在URL中使用尾随的双斜杠。
CVSS Information
N/A
Vulnerability Type
N/A