CVE-2018-16493

CVE-2018-16493 is a path traversal flaw in the Node.js static-resource-server module (v1.7.2) that allows an unauthenticated attacker to read arbitrary files by crafting URL path traversals (e.g., /../). The NVD lists a high CVSSv3 base score of 7.5 and medium CVSSv2 of 5.0. Exploit details are n...