CVE-2019-15602

Summary

The fileview package v0.1.6 has inadequate output encoding and escaping, which leads to a stored Cross-Site Scripting (XSS) vulnerability in files it serves.

Affected Software

VendorProductVersion RangeStatus
n/afileviewNot fixedaffected

Weaknesses

  • CWE-79: Cross-site Scripting (XSS) - Stored (CWE-79)

ADP Enrichment

CVE Program Container

Additional References

References