Lucene search
K

5 matches found

vulnersOsv
vulnersOsv
added 2018/07/26 3:8 p.m.7 views

3vot-salesforce-proxy (>=0.0.1 <=0.1.6), @11thdeg/cyan-next (>=1.0.0 <=1.3.1) +2213 more potentially affected by CVE-2018-3717 via connect (>=0.2.4 <=2.13.1)

connect NPM version =0.2.4, =0.0.1, =1.0.0, =0.25.0, =1.0.4, =1.36.8, =1.0.1, =1.0.0, =0.1.87, =1.0.0, =1.0.10 - @frieman/novisign-dashing =0.1.0 and more Source cves: CVE-2018-3717 Source advisory: OSV:GHSA-RCH9-XH7R-MQGW...

5.4CVSS6AI score0.01315EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2018/06/07 9:19 p.m.26 views

CVE-2018-3717

connect node module before 2.14.0 suffers from a Cross-Site Scripting XSS vulnerability due to a lack of validation of file in directory.js middleware...

6.4CVSS2.7AI score0.01315EPSS
Exploits1References1
NVD
NVD
added 2018/06/07 2:29 a.m.26 views

CVE-2018-3717

connect node module before 2.14.0 suffers from a Cross-Site Scripting XSS vulnerability due to a lack of validation of file in directory.js middleware...

5.4CVSS5.2AI score0.01315EPSS
Exploits1References3
CVE
CVE
added 2018/06/07 2:0 a.m.75 views

CVE-2018-3717

The CVE-2018-3717 entry concerns the connect Node.js middleware, where a Cross-Site Scripting (XSS) vulnerability exists due to lack of validation of files in the directory.js middleware. Affected versions are prior to 2.14.0. The underlying issue is inadequate input validation in directory.js, e...

5.4CVSS5.1AI score0.01315EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2018/06/07 2:0 a.m.25 views

CVE-2018-3717

connect node module before 2.14.0 suffers from a Cross-Site Scripting XSS vulnerability due to a lack of validation of file in directory.js middleware...

5.4CVSS5.3AI score0.01315EPSS
Exploits1
Rows per page
Query Builder