Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package sails, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2021-44908 — CVSS 9.8 (critical): SailsJS Sails.js <=1.4.0 is vulnerable to Prototype Pollution via controller/load-action-modules.js, function loadActionModules().
CVE-2023-38504 — CVSS 7.5 (high): Sails is a realtime MVC Framework for Node.js. In Sails apps prior to version 1.5.7,, an attacker can send a virtual request that will…
CVE-2016-10549 — CVSS 4.4 (medium): Sails is an MVC style framework for building realtime web applications. Version 0.12.7 and lower have an issue with the CORS configuration…