serve-lite@1.1.1 vulnerabilities
a lightweight http-server for static file-based web development
-
latest version
1.2.3
-
latest non vulnerable version
-
first published
2 years ago
-
latest version published
3 days ago
Direct Vulnerabilities
Known vulnerabilities in the serve-lite package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
serve-lite is an a lightweight http-server for static file-based web development Affected versions of this package are vulnerable to Cross-site Scripting (XSS) because when it detects a request to a directory, it renders a file listing of all of its contents with links that include the actual file names without any sanitization or output encoding. How to fix Cross-site Scripting (XSS)? Upgrade |
<1.1.2
|