Find real vulnerabilities before they ship
Vulnerability Database › npm › CVE-2024-26318
Serenity before 6.8.0 allows XSS via an email link because LoginPage.tsx permits return URLs that do not begin with a / character.
Base Score