VYPR
Medium severity4.7GHSA Advisory· Published Oct 3, 2024· Updated Apr 15, 2026

CVE-2024-9266

CVE-2024-9266

Description

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Express. This vulnerability affects the use of the Express Response object. This issue impacts Express: from 3.4.5 before 4.0.0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
expressnpm
>= 3.4.5, < 4.0.0-rc14.0.0-rc1

Affected products

9

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.