RSS   Vulnerabilities for 'Statics-server'   RSS

2019-12-18
 
CVE-2019-15596

CWE-22
 

 
A path traversal in statics-server exists in all version that allows an attacker to perform a path traversal when a symlink is used within the working directory.

 
2018-07-20
 
CVE-2018-3771

CWE-79
 

 
An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser.

 


Copyright 2024, cxsecurity.com

 

Back to Top