penetration-testing

nodejs

keystonejs

owasp

Open Redirect Vulnerability in KeystoneJS

12 September 2018

This post is about an interesting security issue I found in KeystoneJS, the Node.js/Express based content management framework.

It’s a simple Open Redirect weakness in the sign in page of version 4, which is currently in beta but widely deployed out on the Internet. It was interesting to me …

Read