Description
A path traversal vulnerability in <= v0.2.6 of http-file-server npm module allows attackers to list files in arbitrary folders.
Remediation
References
https://hackerone.com/reports/570133
Related Vulnerabilities
CVE-2021-43801 Vulnerability in npm package mercurius
CVE-2023-26149 Vulnerability in npm package quill-mention
CVE-2020-24855 Vulnerability in npm package @easy-team/easywebpack-cli
CVE-2018-20821 Vulnerability in npm package node-sass
CVE-2018-17785 Vulnerability in maven package cc.blynk.server.api.core:http-core