http-live-simulator is vulnerable to directory traversal attacks. The vulnerable exists due to the lack of sanitization on the value of pathname
, allowing directory traversal attacks.
CPE | Name | Operator | Version |
---|---|---|---|
http-live-simulator | le | 1.0.6 |
github.com/prahladyeri/http-live-simulator/commit/8e85a1be562248d0d616c0e5092a3d71bbf5fe5f
github.com/prahladyeri/http-live-simulator/compare/e9c9b67e78694d99a5b546586b0826d4fecab772...354644525f1626c5921abac10913c0d47f1f1433
hackerone.com/lirantal
hackerone.com/reports/384939
hackerone.com/reports/411405
www.npmjs.com/advisories/772