Known Vulnerabilities for products from Sencha
Listed below are 7 of the newest known vulnerabilities associated with the vendor "Sencha".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-23331 json | This affects all versions of package com.squareup:connect. The method prepareDownloadFilecreates creates a temporary file wit... | 3.3 - LOW | 2021-02-03 | 2022-04-08 |
| CVE-2018-8046 json | The getTip() method of Action Columns of Sencha Ext JS 4 to 6 before 6.6.0 is vulnerable to XSS attacks, even when passed HTM... | 6.1 - MEDIUM | 2018-07-05 | 2018-09-04 |
| CVE-2018-3717 json | connect node module before 2.14.0 suffers from a Cross-Site Scripting (XSS) vulnerability due to a lack of validation of file... | 5.4 - MEDIUM | 2018-06-07 | 2023-02-28 |
| CVE-2013-7371 json | node-connects before 2.8.2 has cross site scripting in Sencha Labs Connect middleware (vulnerability due to incomplete fix fo... | 6.1 - MEDIUM | 2019-12-11 | 2019-12-16 |
| CVE-2013-7370 json | node-connect before 2.8.1 has XSS in the Sencha Labs Connect middleware | 6.1 - MEDIUM | 2019-12-11 | 2019-12-17 |
| CVE-2013-4691 json | Sencha Labs Connect has XSS with connect.methodOverride() | 6.1 - MEDIUM | 2019-12-27 | 2020-01-04 |
| CVE-2007-6758 json | Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0. | 7.5 - HIGH | 2020-01-23 | 2021-01-28 |