Description
All versions of package startserver are vulnerable to Directory Traversal due to missing sanitization.
Remediation
References
https://github.com/xudafeng/startserver/blob/bef0c4e4d21da42a40ce87cf25fd54ac8d8cb2d8/lib/index.js%23L71
https://snyk.io/vuln/SNYK-JS-STARTSERVER-1296388
Related Vulnerabilities
CVE-2022-28220 Vulnerability in maven package org.apache.james.protocols:protocols-api
CVE-2020-28502 Vulnerability in npm package xmlhttprequest-ssl
CVE-2022-23059 Vulnerability in maven package com.shopizer:shopizer
CVE-2021-39151 Vulnerability in maven package com.thoughtworks.xstream:xstream
CVE-2020-16041 Vulnerability in maven package org.webjars.npm:electron