Lucene search

methodOverride Middleware Reflected Cross-Site Scripting in connect

🗓️ 31 Aug 2020 22:27:41Reported by GitHub Advisory DatabaseType

Reflected Cross-Site Scripting in connect due to unchecked user input in methodOverride middleware

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 17
Cvelist	CVE-2013-7370	11 Dec 201913:55	–	cvelist
Cvelist	CVE-2013-7371	11 Dec 201914:04	–	cvelist
UbuntuCve	CVE-2013-7370	11 Dec 201900:00	–	ubuntucve
CVE	CVE-2013-7370	11 Dec 201914:15	–	cve
CVE	CVE-2013-7371	11 Dec 201915:15	–	cve
Prion	Code injection	11 Dec 201914:15	–	prion
Prion	Cross site scripting	11 Dec 201915:15	–	prion
NVD	CVE-2013-7370	11 Dec 201914:15	–	nvd
NVD	CVE-2013-7371	11 Dec 201915:15	–	nvd
Debian CVE	CVE-2013-7370	11 Dec 201914:15	–	debiancve

Vulners

Node

ivanti connect_secureRange≤2.8.0

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2013-7370
github	www.github.com/senchalabs/connect/issues/831
github	www.github.com/senchalabs/connect/commit/126187c4e12162e231b87350740045e5bb06e93a
github	www.github.com/senchalabs/connect/commit/277e5aad6a95d00f55571a9a0e11f2fa190d8135
access	www.access.redhat.com/security/cve/cve-2013-7370
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.suse.com/show_bug.cgi
security-tracker	www.security-tracker.debian.org/tracker/CVE-2013-7370
npmjs	www.npmjs.com/advisories/3
openwall	www.openwall.com/lists/oss-security/2014/04/21/2

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

31 Aug 2020 22:41Current

0.8Low risk

Vulners AI Score0.8

CVSS24.3

CVSS36.1

EPSS0.01082

CWE-79