2 matches found
CVE-2018-3755
XSS in sexstatic element used in directory name...
CVE-2018-3755
Summary (CVE-2018-3755) : The vulnerability affects the static file server module sexstatic (versions ≤ 0.6.2). Affected component is the directory listing code in showdir.js where the directory name (pathname) is used in HTML output without sanitization, enabling a stored XSS if an attacker prov...