RSS   Vulnerabilities for 'Node-red-contrib-huemagic'   RSS

2021-01-26
 
CVE-2021-25864

CWE-22
 

 
node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file.

 


Copyright 2024, cxsecurity.com

 

Back to Top