CVE-2019-15602 · Vexday

CVE-2019-15602

EPSS 0.8%CWE-79

The fileview package v0.1.6 has inadequate output encoding and escaping, which leads to a stored Cross-Site Scripting (XSS) vulnerability in files it serves.

Affected products

n/a · fileview

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://hackerone.com/reports/507159