CVE-2018-16493

Summary

A path traversal vulnerability was found in module static-resource-server 1.7.2 that allows unauthorized read access to any file on the server by appending slashes in the URL.

Affected Software

VendorProductVersion RangeStatus
HackerOnestatic-resource-server1.7.2affected

Weaknesses

  • CWE-548: Information Exposure Through Directory Listing (CWE-548)

ADP Enrichment

CVE Program Container

Additional References

References