Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openjsf express 4.2.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2014-6393
The Express web framework prior to 3.11 and 4.x prior to 4.5 for Node.js does not provide a charset field in HTTP Content-Type headers in 400 level responses, which might allow remote malicious users to conduct cross-site scripting (XSS) attacks via characters in a non-standard e...