Vulnerabilities > Sencha

DATE CVE VULNERABILITY TITLE RISK
2020-01-23 CVE-2007-6758 Server-Side Request Forgery (SSRF) vulnerability in Sencha EXT JS 5.0.0
Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0.
network
low complexity
sencha CWE-918
5.0
5.0
2019-12-27 CVE-2013-4691 Cross-site Scripting vulnerability in Sencha Connect
Sencha Labs Connect has XSS with connect.methodOverride()
network
sencha CWE-79
4.3
4.3
2019-12-11 CVE-2013-7371 Cross-site Scripting vulnerability in multiple products
node-connects before 2.8.2 has cross site scripting in Sencha Labs Connect middleware (vulnerability due to incomplete fix for CVE-2013-7370)
network
sencha debian CWE-79
4.3
4.3
2019-12-11 CVE-2013-7370 Cross-site Scripting vulnerability in multiple products
node-connect before 2.8.1 has XSS in the Sencha Labs Connect middleware 		4.3
4.3
2018-07-05 CVE-2018-8046 Cross-site Scripting vulnerability in Sencha EXT JS
The getTip() method of Action Columns of Sencha Ext JS 4 to 6 before 6.6.0 is vulnerable to XSS attacks, even when passed HTML-escaped data.
network
sencha CWE-79
4.3
4.3
2018-06-07 CVE-2018-3717 Cross-site Scripting vulnerability in Sencha Connect
connect node module before 2.14.0 suffers from a Cross-Site Scripting (XSS) vulnerability due to a lack of validation of file in directory.js middleware.
network
low complexity
sencha CWE-79
5.4
5.4