RSS   Vulnerabilities for 'Public.js'   RSS

2018-07-03
 
CVE-2018-3747

CWE-79
 

 
The public node module versions <= 1.0.3 allows to embed HTML in file names, which (in certain conditions) might lead to execute malicious JavaScript.

 
2018-06-06
 
CVE-2018-3731

CWE-22
 

 
public node module suffers from a Path Traversal vulnerability due to lack of validation of filePath, which allows a malicious user to read content of any file with known path.

 


Copyright 2024, cxsecurity.com

 

Back to Top