Vulnerabilities > Sencha > Connect > 2.11.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-07 | CVE-2018-3717 | Cross-site Scripting vulnerability in Sencha Connect connect node module before 2.14.0 suffers from a Cross-Site Scripting (XSS) vulnerability due to a lack of validation of file in directory.js middleware. | 5.4 |