Dgtl: >> Huemagic Security Vulnerabilities
Directory Traversal vulnerability in Foddy node-red-contrib-huemagic version 3.0.0, allows remote attackers to gain sensitive information via crafted request in res.sendFile API in hue-magic.js.
CVSS Score
7.5
EPSS Score
0.005
Published
2023-08-11
node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file.
CVSS Score
7.5
EPSS Score
0.884
Published
2021-01-26