[CVE-2020-24807] File Type Restriction Bypass in Socket.io-file NPM module by Thomas Sermpinis Title: File Type Restriction Bypass in Socket.io-file NPM module Date: 31/07/2020 CVE-ID: 2020-24807 Advisory: https://github.com/advisories/GHSA-6495-8jvh-f28x Author: Thomas Sermpinis Versions: <= 2.0.31 Package URL: https://www.npmjs.com/package/socket.io-file Tested on: node v10.19.0, Socket.io-file v2.0.31, socket.io v2.3.0 Proof of Concept: – During some of our pentests, we face....
Author
Latest Articles
- BlogDecember 28, 2022Cybersecurity in Education: What Parents, Teachers, and Students Should Know in 2023
- BlogDecember 15, 2022Remembering Leonard Jacobs
- BlogSeptember 30, 2022VPN Security: A Pentester's Guide to VPN Vulnerabilities
- BlogAugust 9, 2022AppSec Tales II | Sign-in
Subscribe
Login
0 Comments