A path traversal vulnerability was found in module static-resource-server 1.7.2 that allows unauthorized read access to any file on the server by appending slashes in the URL.
[
{
"product": "static-resource-server",
"vendor": "HackerOne",
"versions": [
{
"status": "affected",
"version": "1.7.2"
}
]
}
]