CVE-2024-9266

Published Oct 3, 2024

Last updated a month ago

CVSS medium 4.7

Overview

Description
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Express. This vulnerability affects the use of the Express Response object. This issue impacts Express: from 3.4.5 before 4.0.0.
Source
36c7be3b-2937-45df-85ea-ca7133ea542c
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
4.7
Impact score
1.4
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
Severity
MEDIUM

Weaknesses

36c7be3b-2937-45df-85ea-ca7133ea542c
CWE-601

Social media

Hype score
Not currently trending

References