EPSS
Percentile
48.3%
serve-here.js is vulnerable to directory traversal. The attack is possible as it allows adding ../ to the web root, listing any file in another folder of web root.
../
hackerone.com/reports/569966