CVEDB API

An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.1%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2018-3771

Statics-Server Project » Statics-Server » Version: 0.0.1

cpe:2.3:a:statics-server_project:statics-server:0.0.1
Statics-Server Project » Statics-Server » Version: 0.0.2

cpe:2.3:a:statics-server_project:statics-server:0.0.2
Statics-Server Project » Statics-Server » Version: 0.0.3

cpe:2.3:a:statics-server_project:statics-server:0.0.3
Statics-Server Project » Statics-Server » Version: 0.0.4

cpe:2.3:a:statics-server_project:statics-server:0.0.4
Statics-Server Project » Statics-Server » Version: 0.0.5

cpe:2.3:a:statics-server_project:statics-server:0.0.5
Statics-Server Project » Statics-Server » Version: 0.0.6

cpe:2.3:a:statics-server_project:statics-server:0.0.6
Statics-Server Project » Statics-Server » Version: 0.0.7

cpe:2.3:a:statics-server_project:statics-server:0.0.7
Statics-Server Project » Statics-Server » Version: 0.0.8

cpe:2.3:a:statics-server_project:statics-server:0.0.8
Statics-Server Project » Statics-Server » Version: 0.0.9

cpe:2.3:a:statics-server_project:statics-server:0.0.9