3 matches found
CVE-2017-20160
A vulnerability was found in flitto express-param up to 0.x. It has been classified as critical. This affects an unknown part of the file lib/fetchParams.js. The manipulation leads to improper handling of extra parameters. It is possible to initiate the attack remotely. Upgrading to version 1.0.0...
CVE-2017-20160
A vulnerability was found in flitto express-param up to 0.x. It has been classified as critical. This affects an unknown part of the file lib/fetchParams.js. The manipulation leads to improper handling of extra parameters. It is possible to initiate the attack remotely. Upgrading to version 1.0.0...
CVE-2017-20160
CVE-2017-20160 affects flitto express-param up to 0.x, due to improper handling of extra parameters in lib/fetchParams.js. The issue can be exploited remotely, and upgrading to version 1.0.0 addresses it; the patch is identified as db94f7391ad0a16dcfcba8b9be1af385b25c42db (VDB-217149).