CVE-2018-21036
Published
CVSS v3
7.5
HIGH
CVSS v2
5
MEDIUM
Affected
2
PROJECTS
Description
Sails.js before v1.0.0-46 allows attackers to cause a denial of service with a single request because there is no error handler in sails-hook-sockets to handle an empty pathname in a WebSocket request.
GitHub