Description
citypredict.whauwiller is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Remediation
References
https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/citypredict.whauwiller
https://nodesecurity.io/advisories/370
Related Vulnerabilities
CVE-2022-35915 Vulnerability in maven package org.webjars.npm:openzeppelin__contracts-upgradeable
CVE-2022-1291 Vulnerability in npm package tableexport.jquery.plugin
CVE-2021-33562 Vulnerability in maven package com.shopizer:shopizer
CVE-2021-23702 Vulnerability in npm package object-extend
CVE-2022-34113 Vulnerability in maven package io.dataease:dataease-plugin-common