CVE-2018-3726

Published June 7th, 2018

View on NVD ↗

CVSS v3

6.1

MEDIUM

CVSS v2

4.3

MEDIUM

Affected

1

PROJECT

Description

crud-file-server node module before 0.8.0 suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names.

omphalos/crud-file-server

basic file server supporting create, read, update, & delete

GitHub

19