We found results for “”
WS-2019-0220
Good to know:
Date: February 26, 2019
zero versions before 1.0.6 are vulnerable to path traversal because of insufficient input sanitization in URLs, attackers can access server files by using relative paths when fetching files.
Language: JS
Severity Score
Severity Score
Weakness Type (CWE)
Path Traversal
CWE-22Top Fix
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | LOW |
Integrity (I): | LOW |
Availability (A): | NONE |