Advisories for Npm/Crud-File-Server package

crud-file-server node module suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names.

crud-file-server node suffers from a Path Traversal vulnerability due to incorrect validation of url, which allows a malicious user to read content of any file with known path.

crud-file-server allows embeding HTML in file names, which in certain conditions might lead to malicious JavaScript execution.