Vulnerability Database

309,539

Total vulnerabilities in the database

CVE-2019-1020010

Misskey before 10.102.4 allows hijacking a user's token.

Published: Jul 29, 2019
Updated: Nov 9, 2025
CVE: CVE-2019-1020010
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
misskey / misskey	10.46.0	10.102.4
misskey / misskey	11.0.0	11.20.2
misskey / misskey	11.0.0-alpha1	11.0.0-alpha1.x
misskey / misskey	11.0.0-alpha2	11.0.0-alpha2.x
misskey / misskey	11.0.0-alpha3	11.0.0-alpha3.x
misskey / misskey	11.0.0-alpha4	11.0.0-alpha4.x
misskey / misskey	11.0.0-alpha5	11.0.0-alpha5.x
misskey / misskey	11.0.0-alpha6	11.0.0-alpha6.x
misskey / misskey	11.0.0-alpha7	11.0.0-alpha7.x
misskey / misskey	11.0.0-alpha8	11.0.0-alpha8.x
misskey / misskey	11.0.0-alpha10	11.0.0-alpha10.x
misskey / misskey	11.0.0-beta1	11.0.0-beta1.x
misskey / misskey	11.0.0-beta2	11.0.0-beta2.x
misskey / misskey	11.0.0-beta3	11.0.0-beta3.x
misskey / misskey	11.0.0-beta4	11.0.0-beta4.x
misskey / misskey	11.0.0-beta5	11.0.0-beta5.x
misskey / misskey	11.0.0-beta6	11.0.0-beta6.x
misskey / misskey	11.0.0-beta7	11.0.0-beta7.x
misskey / misskey	11.0.0-beta8	11.0.0-beta8.x
misskey / misskey	11.0.0-beta9	11.0.0-beta9.x
misskey / misskey	11.0.0-beta10	11.0.0-beta10.x
misskey / misskey	11.0.0-beta11	11.0.0-beta11.x
misskey / misskey	11.0.0-beta12	11.0.0-beta12.x
misskey / misskey	11.0.0-beta13	11.0.0-beta13.x
misskey / misskey	11.0.0-beta14	11.0.0-beta14.x
misskey / misskey	11.0.0-beta15	11.0.0-beta15.x
misskey / misskey	11.0.0-beta16	11.0.0-beta16.x

https://github.com/syuilo/misskey/security/advisories/GHSA-6qw9-6jxq-xj3p

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime