Description
Path traversal vulnerability in version up to v1.1.3 in serve-here.js npm module allows attackers to list any file in arbitrary folder.
Remediation
References
https://hackerone.com/reports/569966
Related Vulnerabilities
CVE-2020-17521 Vulnerability in maven package org.codehaus.groovy:groovy
CVE-2020-17510 Vulnerability in maven package org.apache.shiro:shiro-spring-boot-web-starter
CVE-2019-10792 Vulnerability in npm package bodymen
CVE-2022-27260 Vulnerability in npm package buttercms
CVE-2022-27340 Vulnerability in maven package net.mingsoft:ms-mcms