2018-07-20 22:00:00
hackerone
PUBLISHED
An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser.