Back to search
CVE-2018-16480
Published: Feb 1, 2019
Modified: Aug 5, 2024
PUBLISHED
Description
A XSS vulnerability was found in module public <0.1.4 that allows malicious Javascript code to run in the browser, due to the absence of sanitization of the file/folder names before rendering.
| Vendor | Product | Versions |
|---|---|---|
HackerOne | public | affected <0.1.4 |
Weaknesses (CWE)
References
https://hackerone.com/reports/329950
x_refsource_MISC
https://www.npmjs.com/package/public
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now