4 matches found
GHSA-V7CP-5326-54FH Path Traversal in bruteser
Versions of bruteser prior to 0.1.0 are vulnerable to Path Traversal. The package fails to sanitize URLs, allowing attackers to access server files outside of the served folder using relative paths. Recommendation Upgrade to version 0.1.0 or later...
Path Traversal in bruteser
Versions of bruteser prior to 0.1.0 are vulnerable to Path Traversal. The package fails to sanitize URLs, allowing attackers to access server files outside of the served folder using relative paths. Recommendation Upgrade to version 0.1.0 or later...
Path Traversal
Overview Versions of bruteser prior to 0.1.0 are vulnerable to Path Traversal. The package fails to sanitize URLs, allowing attackers to access server files outside of the served folder using relative paths. Recommendation Upgrade to version 0.1.0 or later. References - HackerOne Report - GitHub...
Node.js third-party modules: [bruteser] Path Traversal allows to read content of arbitrary file
I would like to report Path Traversal in bruteser module. It allows to read content of any arbitrary file from the server where bruteser is installed and run. Module module name: bruteser version: 0.0.2 npm page: https://www.npmjs.com/package/bruteser Module Description BruteSer - server can be...