0.001 Low
EPSS
Percentile
25.0%
min-http-server is vulnerable to cross-site scripting (XSS). The attack is due to lack of sanitization of filenames before rendering as HTML in listing directory page.
github.com/zhanyuzhang/min-http-server/issues/1
hackerone.com/reports/570568