CVE-2013-7371 — CVSS 6.1 (medium): node-connects before 2.8.2 has cross site scripting in Sencha Labs Connect middleware (vulnerability due to incomplete fix for…
CVE-2018-3717 — CVSS 5.4 (medium): connect node module before 2.14.0 suffers from a Cross-Site Scripting (XSS) vulnerability due to a lack of validation of file in…