Directory Traversal

2017-06-2801:54:45

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

EPSS

0.002

Percentile

58.8%

JSON

f2e-server is vulnerable to directory traversal attacks. The attacks exist because it does not validate the user requested URL path, allowing an attacker access to any files on the server by sending GET request containing ../ .

References

github.com/shy2850/node-server/issues/10

github.com/shy2850/node-server/pull/12

nodesecurity.io/advisories/346

EPSS

0.002

Percentile

58.8%

JSON

Related for VERACODE:4488