Description
mfrs is a static file server. mfrs is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Remediation
References
https://nodesecurity.io/advisories/437
https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/mfrs
Related Vulnerabilities
CVE-2023-47320 Vulnerability in maven package org.silverpeas.core:silverpeas-core-war
CVE-2021-3377 Vulnerability in npm package ansi_up
CVE-2019-5484 Vulnerability in maven package org.webjars.npm:bower
CVE-2022-0671 Vulnerability in maven package org.eclipse.lemminx:lemminx-parent
CVE-2017-3586 Vulnerability in maven package mysql:mysql-connector-java