Description
Path traversal vulnerability in version up to v1.1.3 in serve-here.js npm module allows attackers to list any file in arbitrary folder.
Remediation
References
https://hackerone.com/reports/569966
Related Vulnerabilities
CVE-2022-32114 Vulnerability in npm package @strapi/strapi
CVE-2020-36049 Vulnerability in npm package socket.io-parser
CVE-2013-1571 Vulnerability in maven package org.apache.tomcat:catalina
CVE-2020-28481 Vulnerability in maven package org.webjars.bower:socket.io
CVE-2023-36477 Vulnerability in maven package org.xwiki.contrib:application-ckeditor-ui