RSS   Vulnerabilities for 'Html-pages'   RSS

2019-02-01
 
CVE-2018-16481

CWE-79
 

 
A XSS vulnerability was found in html-page <=2.1.1 that allows malicious Javascript code to be executed in the user's browser due to the absence of sanitization of the paths before rendering.

 
2018-05-29
 
CVE-2018-3744

CWE-22
 

 
The html-pages node module contains a path traversal vulnerabilities that allows an attacker to read any file from the server with cURL.

 


Copyright 2024, cxsecurity.com

 

Back to Top