st@1.2.1

Vulnerabilities

1 via 1 paths

Dependencies

18

Source

npm

Find, fix and prevent vulnerabilities in your code.

Severity
  • 1
Status
  • 1
  • 0
  • 0

medium severity

Open Redirect

  • Vulnerable module: st
  • Introduced through: st@1.2.1

Detailed paths

  • Introduced through: st@1.2.1
    Remediation: Upgrade to st@1.2.2.

Overview

st is a module for serving static files.

Affected versions of this package are vulnerable to Open Redirect. A malicious user could send a specially crafted request, which would automatically redirect the request to another domain, controlled by the attacker.

Note: st will only redirect if requests are served from the root(/) and not from a subdirectory

References