Relative Path Traversal
Relative Path Traversal in public.
Relative Path Traversal in public.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in public.
A XSS vulnerability was found in module public that allows malicious Javascript code to run in the browser, due to the absence of sanitization of the file/folder names before rendering.
The public node module allows embedding HTML in file names, which (in certain conditions) might lead to execute malicious JavaScript.
public node module suffers from a Path Traversal vulnerability due to lack of validation of filePath, which allows a malicious user to read content of any file with known path.
Public has a path traversal vulnerability. It allows an attacker to read content of arbitrary files on the server.