Description
Cross-site scripting (XSS) vulnerability in min-http-server (all versions) allows an attacker with access to the server file system to execute arbitrary JavaScript code in victim's browser.
Remediation
References
https://hackerone.com/reports/570568
Related Vulnerabilities
CVE-2021-33829 Vulnerability in npm package ckeditor4
CVE-2020-7681 Vulnerability in npm package marscode
CVE-2021-43980 Vulnerability in maven package org.apache.tomcat:tomcat
CVE-2021-23346 Vulnerability in npm package html-parse-stringify2
CVE-2023-24620 Vulnerability in maven package com.esotericsoftware.yamlbeans:yamlbeans