One of Spotify’s biggest projects had a pretty critical vulnerability

Behind the scenes, Spotify’s open-source developer portal project contained a high-severity vulnerability that allowed would-be cybercriminals to remotely execute unauthenticated code on the project. The vulnerability was discovered by cloud-native app security vendors Oxeye and was subsequently patched by Spotify.

Users are asked to update Backstage to version 1.5.1 which fixes the issue.

Leave a Reply

Your email address will not be published. Required fields are marked *