Описание
node-connects before 2.8.2 has cross site scripting in Sencha Labs Connect middleware (vulnerability due to incomplete fix for CVE-2013-7370)
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| node-connect | not-affected | package |
Примечания
CVE for incomplete fix for CVE-2013-7370, fixed in 2.8.2
EPSS
Процентиль: 68%
0.00579
Низкий
Связанные уязвимости
CVSS3: 6.1
ubuntu
около 6 лет назад
node-connects before 2.8.2 has cross site scripting in Sencha Labs Connect middleware (vulnerability due to incomplete fix for CVE-2013-7370)
CVSS3: 6.1
nvd
около 6 лет назад
node-connects before 2.8.2 has cross site scripting in Sencha Labs Connect middleware (vulnerability due to incomplete fix for CVE-2013-7370)
CVSS3: 6.1
github
почти 4 года назад
Node Connect Reflected Cross-Site Scripting in Sencha Labs Connect middleware
EPSS
Процентиль: 68%
0.00579
Низкий