CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10491 – Preload arbitrary resources by injecting additional `Link` headers
https://notcve.org/view.php?id=CVE-2024-10491
29 Oct 2024 — A vulnerability has been identified in the Express response.links function, allowing for arbitrary resource injection in the Link header when unsanitized data is used. The issue arises from improper sanitization in `Link` header values, which can allow a combination of characters like `,`, `;`, and `<>` to preload malicious resources. This vulnerability is especially relevant for dynamic parameters. Se ha identificado una vulnerabilidad en la función response.links de Express, que permite la inyección arbit... • https://www.herodevs.com/vulnerability-directory/cve-2024-10491 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9266 – Open Redirect
https://notcve.org/view.php?id=CVE-2024-9266
03 Oct 2024 — URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Express. This vulnerability affects the use of the Express Response object. This issue impacts Express: from 3.4.5 before 4.0.0. • https://www.herodevs.com/vulnerability-directory/cve-2024-9266 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-43796 – express vulnerable to XSS via response.redirect()
https://notcve.org/view.php?id=CVE-2024-43796
10 Sep 2024 — Express.js minimalist web framework for node. In express < 4.20.0, passing untrusted user input - even after sanitizing it - to response.redirect() may execute untrusted code. This issue is patched in express 4.20.0. Express.js, el framework web minimalista para Node. En Express anterior a la versión 4.20.0, pasar una entrada de usuario no confiable (incluso después de desinfectarla) a response.redirect() puede ejecutar código no confiable. • https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 3%CPEs: 11EXPL: 1CVE-2022-24999 – express: "qs" prototype poisoning causes the hang of the node process
https://notcve.org/view.php?id=CVE-2022-24999
26 Nov 2022 — qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[__proto__]=b&a[__proto__]&a[length]=100000000. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4 (and therefore ... • https://github.com/n8tz/CVE-2022-24999 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 6.1EPSS: 0%CPEs: 15EXPL: 0CVE-2014-6393
https://notcve.org/view.php?id=CVE-2014-6393
09 Aug 2017 — The Express web framework before 3.11 and 4.x before 4.5 for Node.js does not provide a charset field in HTTP Content-Type headers in 400 level responses, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via characters in a non-standard encoding. El framework web Express en versiones anteriores a la 3.11 y en versiones 4.x anteriores a la 4.5 para Node.js no proporciona un campo charset en los encabezados HTTP Content-Type en respuestas de nivel 400. Esto permitiría que ataca... • https://bugzilla.redhat.com/show_bug.cgi?id=1203190 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •