CVE-2018-3718

Summary

serve node module suffers from Improper Handling of URL Encoding by permitting access to ignored files if a filename is URL encoded.

Affected Software

VendorProductVersion RangeStatus
HackerOneserve node moduleAll versionsaffected

Weaknesses

  • CWE-177: Improper Handling of URL Encoding (Hex Encoding) (CWE-177)

ADP Enrichment

CVE Program Container

Additional References

References