Arbitrary JavaScript Code Execution via Cross-Site Scripting (XSS) in min-http-server

Arbitrary JavaScript Code Execution via Cross-Site Scripting (XSS) in min-http-server

CVE-2019-5457 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Cross-site scripting (XSS) vulnerability in min-http-server (all versions) allows an attacker with access to the server file system to execute arbitrary JavaScript code in victim's browser.

Learn more about our Cis Benchmark Audit For Server Software.