Advisories for Npm/Simplehttpserver package

A Path Traversal in simplehttpserver allows to list any file in another folder of web root.

Path traversal in simplehttpserver allows listing any file on the server.

simplehttpserver node module suffers from a Cross-Site Scripting vulnerability due to a lack of validation of file names.

simplehttpserver allows embedding HTML in file names, which in certain conditions allows execution of malicious JavaScript.