Product
high
advisory
i18next-http-middleware Prototype Pollution and Path Traversal Vulnerability
2 rules 2 TTPsVersions of i18next-http-middleware before 3.9.3 are vulnerable to prototype pollution, path traversal, and server-side request forgery (SSRF) due to improper validation of user-controlled language and namespace parameters, potentially leading to denial of service or remote code execution.
i18next-http-middleware
prototype-pollution
path-traversal
ssrf
denial-of-service
i18next
2r
2t
medium
advisory
i18next-http-middleware HTTP Response Splitting and DoS Vulnerability
2 rules 1 TTPi18next-http-middleware versions before 3.9.3 are vulnerable to HTTP response splitting and denial-of-service attacks due to unsanitized Content-Language headers, potentially leading to session fixation, cache poisoning, reflected XSS, or complete service disruption depending on the Node.js version.
i18next-http-middleware
crlf-injection
http-response-splitting
denial-of-service
i18next
2r
1t