Description
Versions of html-pages before 2.1.0 are vulnerable to path traversal.
Recommendation
No fix is available yet. Followings are affected versions:
- <= 2.1.2
References
- GHSA-fm87-46vv-jqrr
- hackerone.com
- www.npmjs.com
- CVE-2018-3744
- CWE-22
- CWE-35
- CAPEC-310
- OWASP 2021-A1
- OWASP 2021-A6
Related Issues
- Cross-Site Scripting in html-pages - CVE-2018-16481
- Path Traversal in crud-file-server - CVE-2018-3733
- Path Traversal in general-file-server - CVE-2018-3724
- Path Traversal in angular-http-server - CVE-2018-3713
- Tags:
- npm
- html-pages
Anything's wrong? Let us know Last updated on January 31, 2023