Description
A path traversal vulnerability was found in module static-resource-server 1.7.2 that allows unauthorized read access to any file on the server by appending slashes in the URL.
Remediation
References
https://hackerone.com/reports/432600
Related Vulnerabilities
CVE-2023-49381 Vulnerability in maven package com.jfinal:jfinal
CVE-2022-31070 Vulnerability in npm package @finastra/nestjs-proxy
CVE-2017-16218 Vulnerability in npm package dgard8.lab6
CVE-2020-27224 Vulnerability in npm package @theia/preview
CVE-2016-5005 Vulnerability in maven package org.apache.archiva:archiva