Lucene search

Sencha Security Vulnerabilities

cve

CVE-2007-6758

Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0.

7.5CVSS

7.5AI Score

0.007EPSS

2020-01-23 04:15 PM

cve

CVE-2013-4691

Sencha Labs Connect has XSS with connect.methodOverride()

6.1CVSS

6AI Score

0.001EPSS

2019-12-27 04:15 PM

cve

CVE-2013-7370

node-connect before 2.8.1 has XSS in the Sencha Labs Connect middleware

6.1CVSS

5.7AI Score

0.004EPSS

2019-12-11 02:15 PM

cve

CVE-2013-7371

node-connects before 2.8.2 has cross site scripting in Sencha Labs Connect middleware (vulnerability due to incomplete fix for CVE-2013-7370)

6.1CVSS

6AI Score

0.004EPSS

2019-12-11 03:15 PM

cve

CVE-2018-3717

connect node module before 2.14.0 suffers from a Cross-Site Scripting (XSS) vulnerability due to a lack of validation of file in directory.js middleware.

5.4CVSS

5.1AI Score

0.001EPSS

2018-06-07 02:29 AM

cve

CVE-2018-8046

The getTip() method of Action Columns of Sencha Ext JS 4 to 6 before 6.6.0 is vulnerable to XSS attacks, even when passed HTML-escaped data. This framework brings no built-in XSS protection, so the developer has to ensure that data is correctly sanitized. However, the getTip() method of Action Colu...

6.1CVSS

5.8AI Score

0.001EPSS

2018-07-05 08:29 PM