CVE-2018-16493

EPSS 1.8%CWE-548

A path traversal vulnerability was found in module static-resource-server 1.7.2 that allows unauthorized read access to any file on the server by appending slashes in the URL.

Affected products

HackerOne · static-resource-server

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://hackerone.com/reports/432600