CVE-2021-40349

Published September 27th, 2021

View on NVD ↗

CVSS v3

5.3

MEDIUM

CVSS v2

5

MEDIUM

Affected

1

PROJECT

Description

e7d Speed Test (aka speedtest) 0.5.3 allows a path-traversal attack that results in information disclosure via the "GET /.." substring.

A self-hosted, lightweight HTML5 speed test implemented in JavaScript, based on Web Workers and XMLHttpRequest.

GitHub

214