Security Advisory

CVE-2018-3712

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-06-07 02:00:00

Last updated 2024-09-17 00:05:56

Assigner hackerone

State PUBLISHED

Description

serve node module before 6.4.9 suffers from a Path Traversal vulnerability due to not handling %2e (.) and %2f (/) and allowing them in paths, which allows a malicious user to view the contents of any directory with known path.

← Browse all CVEs View on cve.org ↗