Vulnerabilities

CVE-2021-25864

by Fred · 26/01/2021

node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file.

Date published : 2021-01-26

https://github.com/Foddy/node-red-contrib-huemagic/issues/217

Similar

Tags: Cybersecurity Alert