3 matches found
CVE-2018-3726
crud-file-server node module before 0.8.0 suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names...
CVE-2018-3726
crud-file-server node module before 0.8.0 suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names...
CVE-2018-3726
The vulnerability relates to the crud-file-server Node.js module prior to version 0.8.0. Affected component/file: directory index handling in crud-file-server where filenames are not properly validated, leading to a stored Cross-Site Scripting (XSS) vulnerability. Root cause: insufficient sanitiz...