0.001 Low
EPSS
Percentile
48.4%
harp is vulnerable to directory traversal. The attack exists due to the ignorance of the harp server rules for the file path starting with underscore, allowing an unauthorized listing of the files in another folder of web root.
hackerone.com/reports/453820
hackerone.com/reports/530289