Lucene search
Veracode Vulnerability DatabaseVERACODE:7053HistoryJul 16, 2018 - 2:02 a.m.
Cross-Site Scripting (XSS)
2018-07-1602:02:57
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.001 Low
EPSS
Percentile
38.0%
statics-server is vulnerable to cross-site scripting (XSS). It is possible for an attacker to inject malicious iframe tags via the filename parameter and execute arbitray Javascript code. This is due to a lack of output encoding when the statics-server displays the directory index.
| CPE | Name | Operator | Version |
|---|---|---|---|
| statics-server | le | 0.0.9 | |
| statics-server | le | 0.0.9 |
Related
hackerone
hackerone
cve
cve
CVE-2018-3771
2018-07-20 22:29:00
osv
osv
statics-server Cross-site Scripting vulnerability
2022-05-13 01:32:20
prion
prion
Design/Logic Flaw
2018-07-20 22:29:00
github
github
statics-server Cross-site Scripting vulnerability
2022-05-13 01:32:20
nvd
nvd
CVE-2018-3771
2018-07-20 22:29:00
cvelist
cvelist
CVE-2018-3771
2018-07-20 00:00:00