Filtered by vendor Sockjs Project Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-8823 1 Sockjs Project 1 Sockjs 2024-11-21 6.1 Medium
htmlfile in lib/transport/htmlfile.js in SockJS before 0.3.0 is vulnerable to Reflected XSS via the /htmlfile c (aka callback) parameter.
CVE-2020-7693 1 Sockjs Project 1 Sockjs 2024-11-21 5.3 Medium
Incorrect handling of Upgrade header with the value websocket leads in crashing of containers hosting sockjs apps. This affects the package sockjs before 0.3.20.