CVE-2018-3744

Summary

The html-pages node module contains a path traversal vulnerabilities that allows an attacker to read any file from the server with cURL.

Affected Software

VendorProductVersion RangeStatus
HackerOnehtml-pages node moduleNot fixedaffected

Weaknesses

  • CWE-35: Path Traversal: '…/…//' (CWE-35)

ADP Enrichment

CVE Program Container

Additional References

References