Description
The seefl package v0.1.1 is vulnerable to a stored Cross-Site Scripting (XSS) vulnerability via a malicious filename rendered in a directory listing.
Remediation
References
https://hackerone.com/reports/665302
Related Vulnerabilities
CVE-2020-7632 Vulnerability in npm package node-mpv
CVE-2023-46651 Vulnerability in maven package io.jenkins.plugins:warnings-ng
CVE-2021-25941 Vulnerability in npm package deep-override
CVE-2022-26260 Vulnerability in npm package simple-plist
CVE-2022-45690 Vulnerability in maven package cn.hutool:hutool-json