Lucene search
PRIOn knowledge basePRION:CVE-2014-6393HistoryAug 09, 2017 - 6:29 p.m.
Cross site scripting
2017-08-0918:29:00
PRIOn knowledge base
www.prio-n.com
4
The Express web framework before 3.11 and 4.x before 4.5 for Node.js does not provide a charset field in HTTP Content-Type headers in 400 level responses, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via characters in a non-standard encoding.
Related
debiancve
debiancve
CVE-2014-6393
2017-08-09 18:29:00
nodejs
nodejs
No Charset in Content-Type Header
2015-10-17 19:41:46
cvelist
cvelist
CVE-2014-6393
2017-08-09 18:00:00
cve
cve
CVE-2014-6393
2017-08-09 18:29:00
ubuntucve
ubuntucve
CVE-2014-6393
2017-08-09 00:00:00
osv
osv
No Charset in Content-Type Header in express
2018-10-23 17:22:54
nvd
nvd
CVE-2014-6393
2017-08-09 18:29:00
github
github
No Charset in Content-Type Header in express
2018-10-23 17:22:54