Description
A path traversal vulnerability in <= v0.2.6 of http-file-server npm module allows attackers to list files in arbitrary folders.
Remediation
References
https://hackerone.com/reports/570133
Related Vulnerabilities
CVE-2020-7693 Vulnerability in maven package org.webjars.npm:sockjs
CVE-2021-39153 Vulnerability in maven package com.thoughtworks.xstream:xstream
CVE-2023-49798 Vulnerability in npm package @openzeppelin/contracts
CVE-2022-41946 Vulnerability in maven package org.postgresql:postgresql
CVE-2018-1000548 Vulnerability in maven package com.umlet:umlet-swing