Buttle Project: >> Buttle >> 0.2.0 Security Vulnerabilities
XSS in buttle npm package version 0.2.0 causes execution of attacker-provided code in the victim's browser when an attacker creates an arbitrary file on the server.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-04-03
Path traversal in buttle module versions <= 0.2.0 allows to read any file in the server.
CVSS Score
7.5
EPSS Score
0.006
Published
2018-07-05