0.001 Low
EPSS
Percentile
47.6%
harp is vulnerable to information disclosure. A remote attacker is able to retrieve files within the web root that are marked as ignored using a URL encoded underscore character %5f, e.g %5fsecret.txt
%5f
%5fsecret.txt
github.com/harp/harpjs.com/issues/85
hackerone.com/reports/453820
hackerone.com/reports/530289