Description
XSS in sexstatic <=0.6.2 causes HTML injection in directory name(s) leads to Stored XSS when malicious file is embed with
Remediation
References
https://hackerone.com/reports/328210
Related Vulnerabilities
CVE-2017-16085 Vulnerability in npm package tinyserver2
CVE-2019-10062 Vulnerability in npm package aurelia-framework
CVE-2021-21413 Vulnerability in npm package isolated-vm
CVE-2023-27162 Vulnerability in maven package org.openapitools:openapi-generator-project
CVE-2023-34610 Vulnerability in maven package com.cedarsoftware:json-io