Description
A path traversal vulnerability was found in module static-resource-server 1.7.2 that allows unauthorized read access to any file on the server by appending slashes in the URL.
Remediation
References
https://hackerone.com/reports/432600
Related Vulnerabilities
CVE-2023-49447 Vulnerability in maven package com.jfinal:jfinal
CVE-2022-36083 Vulnerability in npm package jose-node-cjs-runtime
CVE-2021-36374 Vulnerability in maven package org.apache.ant:ant
CVE-2022-26183 Vulnerability in npm package pnpm
CVE-2020-7696 Vulnerability in npm package react-native-fast-image