RSS   Vulnerabilities for 'Hekto'   RSS

2018-06-06
 
CVE-2018-3725

CWE-22
 

 
hekto node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path.

 
2018-06-01
 
CVE-2018-3743

CWE-601
 

 
Open redirect in hekto <=0.2.3 when target domain name is used as html filename on server.

 


Copyright 2024, cxsecurity.com

 

Back to Top