Description
The seefl package v0.1.1 is vulnerable to a stored Cross-Site Scripting (XSS) vulnerability via a malicious filename rendered in a directory listing.
Remediation
References
https://hackerone.com/reports/665302
Related Vulnerabilities
CVE-2020-8127 Vulnerability in maven package org.webjars:reveal.js
CVE-2020-7721 Vulnerability in npm package node-oojs
CVE-2020-7677 Vulnerability in npm package thenify
CVE-2022-41250 Vulnerability in maven package com.meowlomo.jenkins:scm-httpclient
CVE-2020-28500 Vulnerability in maven package org.fujion.webjars:lodash