Description
serve node module suffers from Improper Handling of URL Encoding by permitting access to ignored files if a filename is URL encoded.
Remediation
References
https://hackerone.com/reports/308721
Related Vulnerabilities
CVE-2020-28499 Vulnerability in npm package merge
CVE-2022-36904 Vulnerability in maven package org.jenkins-ci.plugins:repository-connector
CVE-2022-36888 Vulnerability in maven package com.datapipe.jenkins.plugins:hashicorp-vault-plugin
CVE-2022-25847 Vulnerability in npm package serve-lite
CVE-2022-0198 Vulnerability in maven package edu.stanford.nlp:stanford-corenlp