Description
fsk-server is a simple http server. fsk-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Remediation
References
https://nodesecurity.io/advisories/345
https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/fsk-server
Related Vulnerabilities
CVE-2021-23518 Vulnerability in npm package cached-path-relative
CVE-2022-43402 Vulnerability in maven package org.jenkins-ci.plugins.workflow:workflow-cps
CVE-2020-5258 Vulnerability in maven package org.webjars.bowergithub.dojo:dojo
CVE-2023-49210 Vulnerability in npm package openssl
CVE-2021-28164 Vulnerability in maven package org.eclipse.jetty:jetty-webapp