XSS in Denoland Std
CVE-2024-52793
The Deno Standard Library provides APIs for Deno and the Web. Prior to version 1.0.11, `http/file-server`'s `serveDir` with `showDirListing: true` option is vulnerable to cross-site scripting when the attacker is a user who can control fil…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.006 (43.7th percentile) — read the EPSS interpretation.
Affected products
- Denoland Std — versions < 1.0.11
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)
- security-advisories@github.com (x_refsource_MISC)
- security-advisories@github.com (x_refsource_MISC)