Description
Sencisho is a simple http server for local development. Sencisho is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
Remediation
References
https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/sencisho
https://nodesecurity.io/advisories/340
Related Vulnerabilities
CVE-2022-24823 Vulnerability in maven package io.netty:netty-codec-http
CVE-2022-26183 Vulnerability in npm package pnpm
CVE-2021-21277 Vulnerability in npm package angular-expressions
CVE-2023-37602 Vulnerability in maven package org.opencms:opencms-core
CVE-2022-31367 Vulnerability in npm package strapi-plugin-content-manager