Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
express vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2014-6393
The Express web framework prior to 3.11 and 4.x prior to 4.5 for Node.js does not provide a charset field in HTTP Content-Type headers in 400 level responses, which might allow remote malicious users to conduct cross-site scripting (XSS) attacks via characters in a non-standard e...