CVE-2024-43800 | expressjs serve-static up to 1.15.x/2.0.x redirect cross site scripting (GHSA-cm22-4g7w-348p)

Posted by Angelo Barbosa | Sep 10, 2024 | CVE

A vulnerability was found in expressjs serve-static up to 1.15.x/2.0.x and classified as problematic. This issue affects the function redirect. The manipulation leads to cross site scripting.

The identification of this vulnerability is CVE-2024-43800. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-43800 | expressjs serve-static up to 1.15.x/2.0.x redirect cross site scripting (GHSA-cm22-4g7w-348p)

Related Posts

CVE-2024-8146 | code-projects Pharmacy Management System 1.0 index.php id sql injection

CVE-2024-22241 | VMware Aria Operations for Networks prior 6.12 cross site scripting (VMSA-2024-0002)

CVE-2024-3797 | SourceCodester QR Code Bookmark System 1.0 delete-bookmark.php bookmark sql injection

CVE-2024-44335 | D-Link DI-7400G+V2 version_upgrade.asp Privilege Escalation