Lucene search
K
SenchaConnect

4 matches found

CVE
CVE
added 2019/12/11 1:55 p.m.77 views

CVE-2013-7370

CVE-2013-7370 concerns node-connect before 2.8.1, which has an XSS vulnerability in the Sencha Labs Connect middleware. Affected component: node-connect (Sencha Connect middleware). Root cause/impact: XSS in the middleware could reflect or inject script via user input; exploitation status is not ...

6.1CVSS5.7AI score0.01417EPSS
CVE
CVE
added 2018/06/07 2:0 a.m.75 views

CVE-2018-3717

The CVE-2018-3717 entry concerns the connect Node.js middleware, where a Cross-Site Scripting (XSS) vulnerability exists due to lack of validation of files in the directory.js middleware. Affected versions are prior to 2.14.0. The underlying issue is inadequate input validation in directory.js, e...

5.4CVSS5.1AI score0.01315EPSS
CVE
CVE
added 2019/12/27 3:39 p.m.70 views

CVE-2013-4691

The CVE-2013-4691 entry documents an XSS vulnerability in Sencha Labs Connect (Node.js HTTP server framework) via the connect.methodOverride() function. The root cause is a lack of proper validation of client-supplied data by the web application, enabling potential execution of client-side code. ...

6.1CVSS6AI score0.00649EPSS
CVE
CVE
added 2019/12/11 2:4 p.m.70 views

CVE-2013-7371

CVE-2013-7371 affects node-connects prior to 2.8.2, where a cross-site scripting vulnerability exists in the Sencha Labs Connect middleware (resulting from an incomplete fix for CVE-2013-7370). Impact is XSS via the Connect middleware as described in multiple sources. A remediation is to update t...

6.1CVSS6AI score0.01435EPSS