GHSA-3P34-W4F6-5XH2 better-helperjs Vulnerable to Directory Traversal via String Prefix Bypass in Static Server
Summary A directory traversal vulnerability exists in the production static file server of better-helperjs = 3.0.5. Attackers can read arbitrary files located in adjacent directory structures that share the same string prefix as the intended static root directory. Details The framework utilizes a...