Statics-Server Project: >> Statics-Server >> 0.0.6 Security Vulnerabilities
A path traversal in statics-server exists in all version that allows an attacker to perform a path traversal when a symlink is used within the working directory.
CVSS Score
7.5
EPSS Score
0.004
Published
2019-12-18
An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser.
CVSS Score
6.1
EPSS Score
0.003
Published
2018-07-20