Description
whispercast is a file server. whispercast is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Remediation
References
https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/whispercast
https://nodesecurity.io/advisories/466
Related Vulnerabilities
CVE-2021-31684 Vulnerability in maven package net.minidev:json-smart
CVE-2022-31198 Vulnerability in maven package org.webjars.npm:openzeppelin__contracts
CVE-2021-26539 Vulnerability in maven package org.webjars.npm:sanitize-html
CVE-2013-1880 Vulnerability in maven package org.apache.activemq:activemq-web
CVE-2021-34078 Vulnerability in npm package lifion-verify-deps