Vulnerability	Vulnerable Version
M Filter Bypass express-validator is an express.js middleware for validator.js. Affected versions of this package are vulnerable to Filter Bypass. `express-validator` by default does not sanitize arrays or non-string values. This vulnerability could be leveraged by an attacker to bypass express-validator protections and inject malicious JavaScript into a webpage. POC `const express = require("express"); const app = express(); const { sanitizeQuery } = require("express-validator/filter"); app.get( "/", [sanitizeQuery("id").escape()], async (req, res) => { res.send("id is " + req.query.id); } ); app.listen(8080, function() { console.log("server running on 8080"); }); //the server object listens on port 8080` Sending an HTTP request such as `http://URL:8080/?id[]=<script>alert('XSS')</script>` will result in execution of JavaScript successfully bypassing the module. How to fix Filter Bypass? Upgrade `express-validator` to version 6.0.0 or higher.	>=4.2.1 <6.0.0

Filter Bypass

express-validator is an express.js middleware for validator.js.

Affected versions of this package are vulnerable to Filter Bypass. express-validator by default does not sanitize arrays or non-string values. This vulnerability could be leveraged by an attacker to bypass express-validator protections and inject malicious JavaScript into a webpage.

POC

const express = require("express");
const app = express();
const { sanitizeQuery } = require("express-validator/filter");

app.get(
  "/",
  [sanitizeQuery("id").escape()],
  async (req, res) => {
    res.send("id is " + req.query.id);
  }
);

app.listen(8080, function() {
  console.log("server running on 8080");
}); //the server object listens on port 8080

Sending an HTTP request such as http://URL:8080/?id[]=<script>alert('XSS')</script> will result in execution of JavaScript successfully bypassing the module.

How to fix Filter Bypass?

Upgrade express-validator to version 6.0.0 or higher.

>=4.2.1 <6.0.0

Go back to all versions of this package