CVE-2018-16493

CVE-2018-16493

Vendor Hackerone
Product static-resource-server
Weakness CWE-548 · Directory listing
Published February 1, 2019
Last update August 5, 2024

CVSS base score

What the vulnerability does

01Description

A path traversal vulnerability was found in module static-resource-server 1.7.2 that allows unauthorized read access to any file on the server by appending slashes in the URL.

Key dates

02Disclosure timeline

February 1, 2019 CVE published
August 5, 2024 Record updated