Description
chatbyvista is a file server. chatbyvista is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Remediation
References
https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/chatbyvista
https://nodesecurity.io/advisories/462
Related Vulnerabilities
CVE-2022-23463 Vulnerability in maven package com.nepxion:discovery-commons
CVE-2022-26112 Vulnerability in maven package org.apache.pinot:pinot-broker
CVE-2022-29647 Vulnerability in maven package net.mingsoft:ms-mcms
CVE-2017-16125 Vulnerability in npm package rtcmulticonnection-client
CVE-2023-49395 Vulnerability in maven package com.jfinal:jfinal