Vulnerabilities > Serve Lite Project > Serve Lite > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-26 | CVE-2022-25847 | Cross-site Scripting vulnerability in Serve-Lite Project Serve-Lite All versions of the package serve-lite are vulnerable to Cross-site Scripting (XSS) because when it detects a request to a directory, it renders a file listing of all of its contents with links that include the actual file names without any sanitization or output encoding. | 6.1 |