Description
The seefl package v0.1.1 is vulnerable to a stored Cross-Site Scripting (XSS) vulnerability via a malicious filename rendered in a directory listing.
Remediation
References
https://hackerone.com/reports/665302
Related Vulnerabilities
CVE-2023-35088 Vulnerability in maven package org.apache.inlong:manager-service
CVE-2022-43410 Vulnerability in maven package org.jenkins-ci.plugins:mercurial
CVE-2019-17633 Vulnerability in maven package org.eclipse.che:assembly-wsmaster-war
CVE-2022-37259 Vulnerability in npm package steal
CVE-2020-8124 Vulnerability in maven package org.webjars.npm:url-parse