2 matches found
CVE-2019-5457
Cross-site scripting XSS vulnerability in min-http-server all versions allows an attacker with access to the server file system to execute arbitrary JavaScript code in victim's browser...
CVE-2019-5457
CVE-2019-5457 concerns a cross-site scripting (XSS) vulnerability in min-http-server (all versions). The root cause is failure to sanitize filenames in directory listings, allowing an attacker with access to the server file system to inject malicious characters into filenames and have JavaScript ...