Lucene search
K

4 matches found

Veracode
Veracode
added 2020/01/02 12:8 a.m.17 views

Cross-site Scripting (XSS)

seeftl is vulnerable to cross-site scripting XSS. During the directories listing, the input filename is not escaped before printing the user input directly on the screen, allowing an attacker to inject arbitrary script...

6.1CVSS2.6AI score0.00752EPSS
Exploits1References1Affected Software1
Hacker One
Hacker One
added 2019/05/07 8:16 p.m.27 views

Node.js third-party modules: [min-http-server] Stored XSS in the filename when directories listing

I would like to report Stored XSS in module "min-http-server". It allows to inject malicious scripts in the file name, store them on the server, then execute these scripts in the browser via the XSS vulnerability. Module module name: min-http-server version: 1.0.6 npm page:...

3.5CVSS5AI score0.00709EPSS
Exploits1
Hacker One
Hacker One
added 2018/03/26 10:40 a.m.37 views

Node.js third-party modules: [public] Stored XSS in the filename when directories listing

I would like to report a Stored XSS issue in module public It allows executing malicious javascript code in the user's browser. Module module name: public version: 0.1.3 npm page: https://www.npmjs.com/package/public Module Description Run static file hosting server with specified public dir &...

4.3CVSS5.7AI score0.00769EPSS
Exploits1
securityvulns
securityvulns
added 2007/09/13 12:0 a.m.50 views

Apache crossite scripting

Crossite scripting with UTF-7 characters on directories listing and error messages...

4.3CVSS2.7AI score0.26188EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder