Directory Traversal Vulnerability in m.static Package

CVE-2023-26126 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

All versions of the package m.static are vulnerable to Directory Traversal due to improper input sanitization of the path being requested via the requestFile function.

Learn more about our Web Application Penetration Testing UK.