Description
simplehttpserver node module suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names.
Remediation
References
https://hackerone.com/reports/309648
Related Vulnerabilities
CVE-2023-38695 Vulnerability in npm package @simonsmith/cypress-image-snapshot
CVE-2022-31103 Vulnerability in npm package lettersanitizer
CVE-2022-26183 Vulnerability in npm package pnpm
CVE-2020-9492 Vulnerability in maven package org.apache.hadoop:hadoop-hdfs-client
CVE-2022-43183 Vulnerability in maven package com.xuxueli:xxl-job