CVE-2018-16493

EPSS 1.8%CWE-548

A path traversal vulnerability was found in module static-resource-server 1.7.2 that allows unauthorized read access to any file on the server by appending slashes in the URL.

Productos afectados

HackerOne · static-resource-server

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://hackerone.com/reports/432600