4 matches found
Node Connect Reflected Cross-Site Scripting in Sencha Labs Connect middleware
node-connect before 2.8.2 has cross site scripting in Sencha Labs Connect middleware vulnerability due to incomplete fix for CVE-2013-7370 Overview Connect is a stack of middleware that is executed in order in each request. The "methodOverride" middleware allows the http post to override the meth...
methodOverride Middleware Reflected Cross-Site Scripting in connect
Connect is a stack of middleware that is executed in order in each request. The "methodOverride" middleware allows the http post to override the method of the request with the value of the "method" post key or with the header "x-http-method-override". Because the user post input was not checked,...
Xxe
Sencha Labs Connect has XSS with connect.methodOverride...
methodOverride Middleware Reflected Cross-Site Scripting
Overview Connect is a stack of middleware that is executed in order in each request. The "methodOverride" middleware allows the http post to override the method of the request with the value of the "method" post key or with the header "x-http-method-override". Because the user post input was not...