Express.js — CWE-1286

All Frameworks › Express.js › CWE-1286

1 CVEs categorized as CWE-1286 in Express.js.

CVE-2024-29041MEDIUM2024

Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express performs an encode…