Cross-site Scripting (XSS) - Stored in crud-file-server

🗓️ 18 Jul 2018 18:27:34Reported by GitHub Advisory DatabaseType

Vulnerability in crud-file-server due to stored cross-site scripting (XSS) before version 0.8.0

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
OSV	CVE-2018-3726	7 Jun 201802:29	–	osv
OSV	Cross-site Scripting (XSS) - Stored in crud-file-server	18 Jul 201818:34	–	osv
Veracode	Cross-site Scripting (XSS)	21 Feb 201807:26	–	veracode
Prion	Cross site scripting	7 Jun 201802:29	–	prion
Hacker One	Node.js third-party modules: [crud-file-server] Stored XSS in filenames when directory index is served by crud-file-server	31 Jan 201820:38	–	hackerone
Cvelist	CVE-2018-3726	7 Jun 201802:00	–	cvelist
NVD	CVE-2018-3726	7 Jun 201802:29	–	nvd
Node.js	Cross-site Scripting (XSS) - Stored	20 Apr 201821:40	–	nodejs
CVE	CVE-2018-3726	7 Jun 201802:29	–	cve

Vulners

Node

crud-file-server_project crud-file-serverRange≤0.7.0

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2018-3726
github	www.github.com/omphalos/crud-file-server/commit/4155bfe068bf211b49a0b3ffd06e78cbaf1b40fa
hackerone	www.hackerone.com/reports/311101
github	www.github.com/advisories/GHSA-h24f-9mm4-w336
npmjs	www.npmjs.com/advisories/570

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

18 Jul 2018 18:34Current

3.1Low risk

Vulners AI Score3.1

CVSS24.3

CVSS36.1

EPSS0.00491

CWE-79