CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Shopify: >> Koa-Shopify-Auth Security Vulnerabilities

CVE-2020-8176

A cross-site scripting vulnerability exists in koa-shopify-auth v3.1.61-v3.1.62 that allows an attacker to inject JS payloads into the `shop` parameter on the `/shopify/auth/enable_cookies` endpoint.

CVSS Score

6.1

EPSS Score

0.002

Published

2020-07-02

Page 1

Vulnerabilities

Vulnerable Software

Shopify: >> Koa-Shopify-Auth Security Vulnerabilities

Products

Pricing

Contact Us