Security Advisory

CVE-2021-25864

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-01-26 07:09:07

Last updated 2024-08-03 20:11:28

Assigner mitre

State PUBLISHED

Description

node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file.

← Browse all CVEs View on cve.org ↗