This page lists publicly disclosed CVE vulnerabilities affecting sencha connect (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2013-4691 | Sencha Labs Connect has XSS with connect.methodOverride() | [email protected] | 6.1 | 0.65% | 2019-12-27 | 2026-06-16 |
| CVE-2013-7371 | node-connects before 2.8.2 has cross site scripting in Sencha Labs Connect middleware (vulnerability due to incomplete fix for CVE-2013-7370) | [email protected] | 6.1 | 1.24% | 2019-12-11 | 2026-06-16 |
| CVE-2013-7370 | node-connect before 2.8.1 has XSS in the Sencha Labs Connect middleware | [email protected] | 6.1 | 1.22% | 2019-12-11 | 2026-06-16 |
| CVE-2018-3717 | connect node module before 2.14.0 suffers from a Cross-Site Scripting (XSS) vulnerability due to a lack of validation of file in directory.js middleware. | [email protected] | 5.4 | 1.31% | 2018-06-06 | 2026-06-16 |