Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2018-16481

Disclosure Date: February 01, 2019 (last updated November 27, 2024)
A XSS vulnerability was found in html-page <=2.1.1 that allows malicious Javascript code to be executed in the user's browser due to the absence of sanitization of the paths before rendering.
0
0
Attacker Value
Unknown

CVE-2018-3744

Disclosure Date: May 29, 2018 (last updated November 26, 2024)
The html-pages node module contains a path traversal vulnerabilities that allows an attacker to read any file from the server with cURL.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0