CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-6393

The Express web framework before 3.11 and 4.x before 4.5 for Node.js does not provide a charset field in HTTP Content-Type headers in 400 level responses, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via characters in a non-standard encoding.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 52.0%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2014-6393

Openjsf » Express » Version: N/A

cpe:2.3:a:openjsf:express:-
Openjsf » Express » Version: 0.0.1

cpe:2.3:a:openjsf:express:0.0.1
Openjsf » Express » Version: 0.0.2

cpe:2.3:a:openjsf:express:0.0.2
Openjsf » Express » Version: 0.1.0

cpe:2.3:a:openjsf:express:0.1.0
Openjsf » Express » Version: 0.10.0

cpe:2.3:a:openjsf:express:0.10.0
Openjsf » Express » Version: 0.10.1

cpe:2.3:a:openjsf:express:0.10.1
Openjsf » Express » Version: 0.11.0

cpe:2.3:a:openjsf:express:0.11.0
Openjsf » Express » Version: 0.12.0

cpe:2.3:a:openjsf:express:0.12.0
Openjsf » Express » Version: 0.13.0

cpe:2.3:a:openjsf:express:0.13.0
Openjsf » Express » Version: 0.14.0

cpe:2.3:a:openjsf:express:0.14.0
Openjsf » Express » Version: 0.14.1

cpe:2.3:a:openjsf:express:0.14.1
Openjsf » Express » Version: 0.2.0

cpe:2.3:a:openjsf:express:0.2.0
Openjsf » Express » Version: 0.2.1

cpe:2.3:a:openjsf:express:0.2.1
Openjsf » Express » Version: 0.3.0

cpe:2.3:a:openjsf:express:0.3.0
Openjsf » Express » Version: 0.4.0

cpe:2.3:a:openjsf:express:0.4.0
Openjsf » Express » Version: 0.5.0

cpe:2.3:a:openjsf:express:0.5.0
Openjsf » Express » Version: 0.6.0

cpe:2.3:a:openjsf:express:0.6.0
Openjsf » Express » Version: 0.7.0

cpe:2.3:a:openjsf:express:0.7.0
Openjsf » Express » Version: 0.7.1

cpe:2.3:a:openjsf:express:0.7.1
Openjsf » Express » Version: 0.7.2

cpe:2.3:a:openjsf:express:0.7.2
Openjsf » Express » Version: 0.7.3

cpe:2.3:a:openjsf:express:0.7.3
Openjsf » Express » Version: 0.7.4

cpe:2.3:a:openjsf:express:0.7.4
Openjsf » Express » Version: 0.7.5

cpe:2.3:a:openjsf:express:0.7.5
Openjsf » Express » Version: 0.7.6

cpe:2.3:a:openjsf:express:0.7.6
Openjsf » Express » Version: 0.8.0

cpe:2.3:a:openjsf:express:0.8.0
Openjsf » Express » Version: 0.9.0

cpe:2.3:a:openjsf:express:0.9.0
Openjsf » Express » Version: 1.0.0

cpe:2.3:a:openjsf:express:1.0.0
Openjsf » Express » Version: 1.0.1

cpe:2.3:a:openjsf:express:1.0.1
Openjsf » Express » Version: 1.0.2

cpe:2.3:a:openjsf:express:1.0.2
Openjsf » Express » Version: 1.0.3

cpe:2.3:a:openjsf:express:1.0.3
Openjsf » Express » Version: 1.0.4

cpe:2.3:a:openjsf:express:1.0.4
Openjsf » Express » Version: 1.0.5

cpe:2.3:a:openjsf:express:1.0.5
Openjsf » Express » Version: 1.0.6

cpe:2.3:a:openjsf:express:1.0.6
Openjsf » Express » Version: 1.0.7

cpe:2.3:a:openjsf:express:1.0.7
Openjsf » Express » Version: 1.0.8

cpe:2.3:a:openjsf:express:1.0.8
Openjsf » Express » Version: 1.0.9

cpe:2.3:a:openjsf:express:1.0.9
Openjsf » Express » Version: 2.0.0

cpe:2.3:a:openjsf:express:2.0.0
Openjsf » Express » Version: 2.1.0

cpe:2.3:a:openjsf:express:2.1.0
Openjsf » Express » Version: 2.1.1

cpe:2.3:a:openjsf:express:2.1.1
Openjsf » Express » Version: 2.2.0

cpe:2.3:a:openjsf:express:2.2.0
Openjsf » Express » Version: 2.2.1

cpe:2.3:a:openjsf:express:2.2.1
Openjsf » Express » Version: 2.2.2

cpe:2.3:a:openjsf:express:2.2.2
Openjsf » Express » Version: 2.3.0

cpe:2.3:a:openjsf:express:2.3.0
Openjsf » Express » Version: 2.3.1

cpe:2.3:a:openjsf:express:2.3.1
Openjsf » Express » Version: 2.3.10

cpe:2.3:a:openjsf:express:2.3.10
Openjsf » Express » Version: 2.3.11

cpe:2.3:a:openjsf:express:2.3.11
Openjsf » Express » Version: 2.3.12

cpe:2.3:a:openjsf:express:2.3.12
Openjsf » Express » Version: 2.3.2

cpe:2.3:a:openjsf:express:2.3.2
Openjsf » Express » Version: 2.3.3

cpe:2.3:a:openjsf:express:2.3.3
Openjsf » Express » Version: 2.3.4

cpe:2.3:a:openjsf:express:2.3.4
Openjsf » Express » Version: 2.3.5

cpe:2.3:a:openjsf:express:2.3.5
Openjsf » Express » Version: 2.3.6

cpe:2.3:a:openjsf:express:2.3.6
Openjsf » Express » Version: 2.3.7

cpe:2.3:a:openjsf:express:2.3.7
Openjsf » Express » Version: 2.3.8

cpe:2.3:a:openjsf:express:2.3.8
Openjsf » Express » Version: 2.3.9

cpe:2.3:a:openjsf:express:2.3.9
Openjsf » Express » Version: 2.4.0

cpe:2.3:a:openjsf:express:2.4.0
Openjsf » Express » Version: 2.4.1

cpe:2.3:a:openjsf:express:2.4.1
Openjsf » Express » Version: 2.4.2

cpe:2.3:a:openjsf:express:2.4.2
Openjsf » Express » Version: 2.4.3

cpe:2.3:a:openjsf:express:2.4.3
Openjsf » Express » Version: 2.4.4

cpe:2.3:a:openjsf:express:2.4.4
Openjsf » Express » Version: 2.4.5

cpe:2.3:a:openjsf:express:2.4.5
Openjsf » Express » Version: 2.4.7

cpe:2.3:a:openjsf:express:2.4.7
Openjsf » Express » Version: 2.5.0

cpe:2.3:a:openjsf:express:2.5.0
Openjsf » Express » Version: 2.5.1

cpe:2.3:a:openjsf:express:2.5.1
Openjsf » Express » Version: 2.5.10

cpe:2.3:a:openjsf:express:2.5.10
Openjsf » Express » Version: 2.5.11

cpe:2.3:a:openjsf:express:2.5.11
Openjsf » Express » Version: 2.5.2

cpe:2.3:a:openjsf:express:2.5.2
Openjsf » Express » Version: 2.5.3

cpe:2.3:a:openjsf:express:2.5.3
Openjsf » Express » Version: 2.5.4

cpe:2.3:a:openjsf:express:2.5.4
Openjsf » Express » Version: 2.5.9

cpe:2.3:a:openjsf:express:2.5.9
Openjsf » Express » Version: 3.0.0

cpe:2.3:a:openjsf:express:3.0.0
Openjsf » Express » Version: 3.0.1

cpe:2.3:a:openjsf:express:3.0.1
Openjsf » Express » Version: 3.0.2

cpe:2.3:a:openjsf:express:3.0.2
Openjsf » Express » Version: 3.0.3

cpe:2.3:a:openjsf:express:3.0.3
Openjsf » Express » Version: 3.0.4

cpe:2.3:a:openjsf:express:3.0.4
Openjsf » Express » Version: 3.0.5

cpe:2.3:a:openjsf:express:3.0.5
Openjsf » Express » Version: 3.0.6

cpe:2.3:a:openjsf:express:3.0.6
Openjsf » Express » Version: 3.1.0

cpe:2.3:a:openjsf:express:3.1.0
Openjsf » Express » Version: 3.1.1

cpe:2.3:a:openjsf:express:3.1.1
Openjsf » Express » Version: 3.1.2

cpe:2.3:a:openjsf:express:3.1.2
Openjsf » Express » Version: 3.10.0

cpe:2.3:a:openjsf:express:3.10.0
Openjsf » Express » Version: 3.10.1

cpe:2.3:a:openjsf:express:3.10.1
Openjsf » Express » Version: 3.10.2

cpe:2.3:a:openjsf:express:3.10.2
Openjsf » Express » Version: 3.10.3

cpe:2.3:a:openjsf:express:3.10.3
Openjsf » Express » Version: 3.10.4

cpe:2.3:a:openjsf:express:3.10.4
Openjsf » Express » Version: 3.10.5

cpe:2.3:a:openjsf:express:3.10.5
Openjsf » Express » Version: 3.2.0

cpe:2.3:a:openjsf:express:3.2.0
Openjsf » Express » Version: 3.2.1

cpe:2.3:a:openjsf:express:3.2.1
Openjsf » Express » Version: 3.2.2

cpe:2.3:a:openjsf:express:3.2.2
Openjsf » Express » Version: 3.2.3

cpe:2.3:a:openjsf:express:3.2.3
Openjsf » Express » Version: 3.2.4

cpe:2.3:a:openjsf:express:3.2.4
Openjsf » Express » Version: 3.2.5

cpe:2.3:a:openjsf:express:3.2.5
Openjsf » Express » Version: 3.2.6

cpe:2.3:a:openjsf:express:3.2.6
Openjsf » Express » Version: 3.3.0

cpe:2.3:a:openjsf:express:3.3.0
Openjsf » Express » Version: 3.3.1

cpe:2.3:a:openjsf:express:3.3.1
Openjsf » Express » Version: 3.3.2

cpe:2.3:a:openjsf:express:3.3.2
Openjsf » Express » Version: 3.3.3

cpe:2.3:a:openjsf:express:3.3.3
Openjsf » Express » Version: 3.3.4

cpe:2.3:a:openjsf:express:3.3.4
Openjsf » Express » Version: 3.3.5

cpe:2.3:a:openjsf:express:3.3.5
Openjsf » Express » Version: 3.3.6

cpe:2.3:a:openjsf:express:3.3.6
Openjsf » Express » Version: 3.3.7

cpe:2.3:a:openjsf:express:3.3.7
Openjsf » Express » Version: 3.3.8

cpe:2.3:a:openjsf:express:3.3.8
Openjsf » Express » Version: 3.4.0

cpe:2.3:a:openjsf:express:3.4.0
Openjsf » Express » Version: 3.4.1

cpe:2.3:a:openjsf:express:3.4.1
Openjsf » Express » Version: 3.4.2

cpe:2.3:a:openjsf:express:3.4.2
Openjsf » Express » Version: 3.4.3

cpe:2.3:a:openjsf:express:3.4.3
Openjsf » Express » Version: 3.4.4

cpe:2.3:a:openjsf:express:3.4.4
Openjsf » Express » Version: 3.4.5

cpe:2.3:a:openjsf:express:3.4.5
Openjsf » Express » Version: 3.4.6

cpe:2.3:a:openjsf:express:3.4.6
Openjsf » Express » Version: 3.4.7

cpe:2.3:a:openjsf:express:3.4.7
Openjsf » Express » Version: 3.4.8

cpe:2.3:a:openjsf:express:3.4.8
Openjsf » Express » Version: 3.5.0

cpe:2.3:a:openjsf:express:3.5.0
Openjsf » Express » Version: 3.5.1

cpe:2.3:a:openjsf:express:3.5.1
Openjsf » Express » Version: 3.5.2

cpe:2.3:a:openjsf:express:3.5.2
Openjsf » Express » Version: 3.5.3

cpe:2.3:a:openjsf:express:3.5.3
Openjsf » Express » Version: 3.6.0

cpe:2.3:a:openjsf:express:3.6.0
Openjsf » Express » Version: 3.7.0

cpe:2.3:a:openjsf:express:3.7.0
Openjsf » Express » Version: 3.8.0

cpe:2.3:a:openjsf:express:3.8.0
Openjsf » Express » Version: 3.8.1

cpe:2.3:a:openjsf:express:3.8.1
Openjsf » Express » Version: 3.9.0

cpe:2.3:a:openjsf:express:3.9.0
Openjsf » Express » Version: 4.0.0

cpe:2.3:a:openjsf:express:4.0.0
Openjsf » Express » Version: 4.1.0

cpe:2.3:a:openjsf:express:4.1.0
Openjsf » Express » Version: 4.1.1

cpe:2.3:a:openjsf:express:4.1.1
Openjsf » Express » Version: 4.1.2

cpe:2.3:a:openjsf:express:4.1.2
Openjsf » Express » Version: 4.2.0

cpe:2.3:a:openjsf:express:4.2.0
Openjsf » Express » Version: 4.3.0

cpe:2.3:a:openjsf:express:4.3.0
Openjsf » Express » Version: 4.3.1

cpe:2.3:a:openjsf:express:4.3.1
Openjsf » Express » Version: 4.3.2

cpe:2.3:a:openjsf:express:4.3.2
Openjsf » Express » Version: 4.4.0

cpe:2.3:a:openjsf:express:4.4.0
Openjsf » Express » Version: 4.4.1

cpe:2.3:a:openjsf:express:4.4.1
Openjsf » Express » Version: 4.4.2

cpe:2.3:a:openjsf:express:4.4.2
Openjsf » Express » Version: 4.4.3

cpe:2.3:a:openjsf:express:4.4.3
Openjsf » Express » Version: 4.4.4

cpe:2.3:a:openjsf:express:4.4.4
Openjsf » Express » Version: 4.4.5

cpe:2.3:a:openjsf:express:4.4.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-6393

Products

Pricing

Contact Us