CVE-2019-15602

Publication date

2020-01-06 16:32:41

Family

hackerone

State

PUBLISHED

Description

The fileview package v0.1.6 has inadequate output encoding and escaping, which leads to a stored Cross-Site Scripting (XSS) vulnerability in files it serves.