Description
serve node module suffers from Improper Handling of URL Encoding by permitting access to ignored files if a filename is URL encoded.
Remediation
References
https://hackerone.com/reports/308721
Related Vulnerabilities
CVE-2023-45648 Vulnerability in maven package org.apache.tomcat:tomcat
CVE-2023-46122 Vulnerability in maven package org.scala-sbt:io_3
CVE-2023-50732 Vulnerability in maven package org.xwiki.platform:xwiki-platform-index-tree-macro
CVE-2021-21290 Vulnerability in maven package io.netty:netty-transport
CVE-2022-31129 Vulnerability in maven package org.webjars.bower:momentjs