An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser.
References
Link | Resource |
---|---|
https://hackerone.com/reports/355458 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: hackerone
Published: 2018-07-20T00:00:00
Updated: 2018-07-20T21:57:01
Reserved: 2017-12-28T00:00:00
Link: CVE-2018-3771
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-07-20T22:29:00.287
Modified: 2023-01-30T16:05:10.243
Link: CVE-2018-3771
JSON object: View
Redhat Information
No data.
CWE