A path traversal vulnerability was found in module static-resource-server 1.7.2 that allows unauthorized read access to any file on the server by appending slashes in the URL.
The product inappropriately exposes a directory listing with an index of all the resources located inside of the directory.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Static-resource-server | Static-resource-server_project | 1.7.2 (including) | 1.7.2 (including) |