CVE-2020-8176 in koa-shopify-auth
Sumário
de VulDB • 10/06/2026
Existe uma vulnerabilidade de cross-site scripting (XSS) no koa-shopify-auth v3.1.61-v3.1.62 que permite a um atacante injetar payloads JS no parâmetro `shop` do endpoint `/shopify/auth/enable_cookies`.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.