Description
The Auth0 Auth0.js library before 9.3 has CSRF because it mishandles the case where the authorization response lacks the state parameter.
Remediation
References
https://auth0.com/docs/security/bulletins/cve-2018-7307
Related Vulnerabilities
CVE-2021-39233 Vulnerability in maven package org.apache.ozone:ozone-main
CVE-2017-15686 Vulnerability in maven package org.craftercms:crafter-studio
CVE-2011-4838 Vulnerability in maven package org.jruby:jruby-stdlib
CVE-2021-42697 Vulnerability in maven package com.typesafe.akka:akka-http-core_2.12
CVE-2013-0239 Vulnerability in maven package org.apache.cxf:cxf-bundle-minimal