Incorrect handling of Upgrade header with the value websocket leads in crashing of containers hosting sockjs apps. This affects the package sockjs before...
5.3CVSS
5.2AI Score
0.009EPSS
htmlfile in lib/transport/htmlfile.js in SockJS before 0.3.0 is vulnerable to Reflected XSS via the /htmlfile c (aka callback)...
6.1CVSS
5.8AI Score
0.001EPSS