0.001 Low
EPSS
Percentile
51.1%
uppy is vulnerable to information disclosure. The vulnerability exists due to an insecure debug flag which allow Local Urls by default.
github.com/transloadit/uppy/commit/267c34045a1e62c98406d8c31261c604a11e544a
huntr.dev/bounties/8b060cc3-2420-468e-8293-b9216620175b