Product:

Single_sign_on_client

(Decentraland)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 1
Date Id Summary Products Score Patch Annotated
2023-09-01 CVE-2023-41049 @dcl/single-sign-on-client is an open source npm library which deals with single sign on authentication flows. Improper input validation in the `init` function allows arbitrary javascript to be executed using the `javascript:` prefix. This vulnerability has been patched on version `0.1.0`. Users are advised to upgrade. Users unable to upgrade should limit untrusted user input to the `init` function. Single_sign_on_client 6.1