Skip to main content

Serve Static

2 CVEs product

Monthly

CVE-2024-43800 npm MEDIUM PATCH This Month

serve-static serves static files. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Serve Static
NVD GitHub
CVSS 3.1
4.7
EPSS
0.6%
CVE-2015-1164 npm MEDIUM POC PATCH This Month

Open redirect vulnerability in the serve-static plugin before 1.7.2 for Node.js, when mounted at the root, allows remote attackers to redirect users to arbitrary web sites and conduct phishing. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Open Redirect Node.js Serve Static
NVD GitHub
CVSS 2.0
4.3
EPSS
0.3%
EPSS 1% CVSS 4.7
MEDIUM PATCH This Month

serve-static serves static files. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Serve Static
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM POC PATCH This Month

Open redirect vulnerability in the serve-static plugin before 1.7.2 for Node.js, when mounted at the root, allows remote attackers to redirect users to arbitrary web sites and conduct phishing. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Open Redirect Node.js Serve Static
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy