Karma Project: Security Vulnerabilities
The package karma before 6.3.16 are vulnerable to Open Redirect due to missing validation of the return_url query parameter.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-02-25
Cross-site Scripting (XSS) - DOM in NPM karma prior to 6.3.14.
CVSS Score
5.4
EPSS Score
0.093
Published
2022-02-05