CVE-2024-43796

Express.js minimalist web framework for node. In express < 4.20.0, passing untrusted user input - even after sanitizing it - to response.redirect() may execute untrusted code. This issue is patched in express 4.20.0.

CVSS v3 4.7 MEDIUM

4.7^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.6 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553	Patch
https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:openjsf:express::::::node.js::*
	cpe:2.3:a:openjsf:express:5.0.0:alpha1::::node.js::*
	cpe:2.3:a:openjsf:express:5.0.0:alpha2::::node.js::*
	cpe:2.3:a:openjsf:express:5.0.0:alpha3::::node.js::*
	cpe:2.3:a:openjsf:express:5.0.0:alpha4::::node.js::*
	cpe:2.3:a:openjsf:express:5.0.0:alpha5::::node.js::*
	cpe:2.3:a:openjsf:express:5.0.0:alpha6::::node.js::*
	cpe:2.3:a:openjsf:express:5.0.0:alpha7::::node.js::*
	cpe:2.3:a:openjsf:express:5.0.0:alpha8::::node.js::*
	cpe:2.3:a:openjsf:express:5.0.0:beta1::::node.js::*
	cpe:2.3:a:openjsf:express:5.0.0:beta2::::node.js::*
	cpe:2.3:a:openjsf:express:5.0.0:beta3::::node.js::*

History

20 Sep 2024, 16:07

Type	Values Removed	Values Added
References	~~() https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553 -~~	() https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553 - Patch
References	~~() https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx -~~	() https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx - Vendor Advisory
CPE		cpe:2.3:a:openjsf:express:5.0.0:alpha4::::node.js::* cpe:2.3:a:openjsf:express:5.0.0:alpha8::::node.js::* cpe:2.3:a:openjsf:express:5.0.0:beta3::::node.js::* cpe:2.3:a:openjsf:express:5.0.0:beta2::::node.js::* cpe:2.3:a:openjsf:express:5.0.0:beta1::::node.js::* cpe:2.3:a:openjsf:express::::::node.js::* cpe:2.3:a:openjsf:express:5.0.0:alpha2::::node.js::* cpe:2.3:a:openjsf:express:5.0.0:alpha5::::node.js::* cpe:2.3:a:openjsf:express:5.0.0:alpha7::::node.js::* cpe:2.3:a:openjsf:express:5.0.0:alpha1::::node.js::* cpe:2.3:a:openjsf:express:5.0.0:alpha3::::node.js::* cpe:2.3:a:openjsf:express:5.0.0:alpha6::::node.js::*
CVSS	v2 : ~~unknown~~ v3 : ~~5.0~~	v2 : unknown v3 : 4.7
Summary		(es) Express.js, el framework web minimalista para Node. En Express anterior a la versión 4.20.0, pasar una entrada de usuario no confiable (incluso después de desinfectarla) a response.redirect() puede ejecutar código no confiable. Este problema se solucionó en Express 4.20.0.
First Time		Openjsf express Openjsf

10 Sep 2024, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-09-10 15:15

Updated : 2024-09-20 16:07

NVD link : CVE-2024-43796

Mitre link : CVE-2024-43796

CVE.ORG link : CVE-2024-43796

JSON object : View

Products Affected

openjsf

express

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

4.7 /10