Vulnerabilities > Openjsf > Express > 4.6.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-10 | CVE-2024-43796 | Cross-site Scripting vulnerability in Openjsf Express Express.js minimalist web framework for node. | 4.7 |
| 2022-11-26 | CVE-2022-24999 | qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. | 7.5 |