2 matches found
CVE-2018-8046
The CVE-2018-8046 issue affects Sencha Ext JS 4–6 prior to 6.6.0. The getTip() method in Action Columns unescapes HTML-escaped data, enabling cross-site scripting if tooltips contain user-controlled content. Public information confirms vulnerability details and that a fix was released in 6.6.0 (w...
CVE-2007-6758
CVE-2007-6758 describes a Server-Side Request Forgery (SSRF) in feed-proxy.php of ExtJS 5.0.0. Affected component/file: feed-proxy.php; root cause not detailed in available documents beyond SSRF. Impact semantics: CVSS v2 base score 5.0 (MEDIUM) and CVSS v3.1 base score 7.5 (HIGH) with Network ac...