A server directory traversal vulnerability was found on node module mcstatic <=0.0.20 that would allow an attack to access sensitive information in the file system by appending slashes in the URL path.
[
{
"product": "mcstatic",
"vendor": "HackerOne",
"versions": [
{
"status": "affected",
"version": "<=0.0.20"
}
]
}
]