CVE-2015-9240

Summary

Due to a bug in the the default sign in functionality in the keystone node module before 0.3.16, incomplete email addresses could be matched. A correct password is still required to complete sign in.

Affected Software

VendorProductVersion RangeStatus
HackerOnekeystone node module<0.3.16affected

Weaknesses

  • Improper Authentication

ADP Enrichment

CVE Program Container

Additional References

References