Identifier

CVE-2018-21036

Package Slug

npm/sails

Vulnerability

Improper Input Validation

Description

Sails.js allows attackers to cause a denial of service with a single request because there is no error handler in sails-hook-sockets to handle an empty pathname in a WebSocket request.

Affected Versions

All versions before 1.0.1

Solution

Upgrade to version 1.0.1 or above.

Last Modified

2020-07-24

source