Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal due to improper input sanitization of the path being requested via the requestFile function. PoC curl --path-as-is "http://localhost:3000/../package.json Details A Directory Traversal attack also known as path...