← Back to CVE List
CVE-2018-3717
Published:
2018-06-07T02:29Z
Last Modified:
2024-11-21T04:05Z
Source:
MITRE CVE List
License:
MITRE-CVE-TOS
connect node module before 2.14.0 suffers from a Cross-Site Scripting (XSS) vulnerability due to a lack of validation of file in directory.js middleware. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt