CVE-2018-16480

Summary

A XSS vulnerability was found in module public <0.1.4 that allows malicious Javascript code to run in the browser, due to the absence of sanitization of the file/folder names before rendering.

Affected Software

VendorProductVersion RangeStatus
HackerOnepublic<0.1.4affected

Weaknesses

  • CWE-79: Cross-site Scripting (XSS) - Generic (CWE-79)

ADP Enrichment

CVE Program Container

Additional References

References