Vulnerabilities > Openjsf > Express > 4.14.0

DATE CVE VULNERABILITY TITLE RISK
2024-09-10 CVE-2024-43796 Cross-site Scripting vulnerability in Openjsf Express
Express.js minimalist web framework for node.
network
high complexity
openjsf CWE-79
4.7
4.7
2022-11-26 CVE-2022-24999 qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used.
network
low complexity
qs-project openjsf debian
7.5
7.5