Description
public node module suffers from a Path Traversal vulnerability due to lack of validation of filePath, which allows a malicious user to read content of any file with known path.
Remediation
References
https://hackerone.com/reports/312918
Related Vulnerabilities
CVE-2023-35145 Vulnerability in maven package org.jenkins-ci.plugins:sonargraph-integration
CVE-2023-7078 Vulnerability in npm package miniflare
CVE-2020-21122 Vulnerability in maven package com.bstek.ureport:ureport2-console
CVE-2021-23452 Vulnerability in npm package x-assign
CVE-2020-9498 Vulnerability in maven package org.apache.guacamole:guacamole