6 matches found
GHSA-72FG-JQHX-C68P Open Redirect in st
st is a module for serving static files. An attacker is able to craft a request that results in an HTTP 301 redirect to an entirely different domain. A request for: http://some.server.com//nodesecurity.org/%2e%2e would result in a 301 to //nodesecurity.org/%2e%2e which most browsers treat as a...
Open Redirect in st
st is a module for serving static files. An attacker is able to craft a request that results in an HTTP 301 redirect to an entirely different domain. A request for: http://some.server.com//nodesecurity.org/%2e%2e would result in a 301 to //nodesecurity.org/%2e%2e which most browsers treat as a...
CVE-2017-16224
st is a module for serving static files. An attacker is able to craft a request that results in an HTTP 301 redirect to an entirely different domain. A request for: http://some.server.com//nodesecurity.org/%2e%2e would result in a 301 to //nodesecurity.org/%2e%2e which most browsers treat as a...
CVE-2017-16224
st is a module for serving static files. An attacker is able to craft a request that results in an HTTP 301 redirect to an entirely different domain. A request for: http://some.server.com//nodesecurity.org/%2e%2e would result in a 301 to //nodesecurity.org/%2e%2e which most browsers treat as a...
Cross site request forgery (csrf)
st is a module for serving static files. An attacker is able to craft a request that results in an HTTP 301 redirect to an entirely different domain. A request for: http://some.server.com//nodesecurity.org/%2e%2e would result in a 301 to //nodesecurity.org/%2e%2e which most browsers treat as a...
Open Redirect
Overview st is a module for serving static files. An attacker is able to craft a request that results in an HTTP 301 redirect to an entirely different domain. A request for: http://some.server.com//nodesecurity.org/%2e%2e would result in a 301 to //nodesecurity.org/%2e%2e which most browsers trea...