Arbitrary JavaScript Code Execution via Cross-Site Scripting (XSS) in min-http-server
CVE-2019-5457 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Cross-site scripting (XSS) vulnerability in min-http-server (all versions) allows an attacker with access to the server file system to execute arbitrary JavaScript code in victim's browser.
Learn more about our Cis Benchmark Audit For Server Software.