Sencha Connect vulnerabilities

CVE-2013-7371 [MEDIUM] CVE-2013-7371: node-connects before 2.8.2 has cross site scripting in Sencha Labs Connect middleware (vulnerability node-connects before 2.8.2 has cross site scripting in Sencha Labs Connect middleware (vulnerability due to incomplete fix for CVE-2013-7370)

CVE-2013-7370 [MEDIUM] CWE-79 CVE-2013-7370: node-connect before 2.8.1 has XSS in the Sencha Labs Connect middleware node-connect before 2.8.1 has XSS in the Sencha Labs Connect middleware

CVE-2018-3717 [MEDIUM] CWE-79 CVE-2018-3717: connect node module before 2.14.0 suffers from a Cross-Site Scripting (XSS) vulnerability due to a l connect node module before 2.14.0 suffers from a Cross-Site Scripting (XSS) vulnerability due to a lack of validation of file in directory.js middleware.