2019-02-01 18:00:00
hackerone
PUBLISHED
A path traversal vulnerability was found in module static-resource-server 1.7.2 that allows unauthorized read access to any file on the server by appending slashes in the URL.