mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
800 B
800 B
CVE-2022-25931
Description
All versions of package easy-static-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code.
POC
Reference
- https://gist.github.com/lirantal/fdfbe26561788c8194a54bf6d31772c9
- https://security.snyk.io/vuln/SNYK-JS-EASYSTATICSERVER-3153539
Github
No PoCs found on GitHub currently.