Hi Internet,
Summary: A path traversal issue was observed in Mozilla PDF.js which is a PDF reader in JavaScript. (This issue is unpatched)
This issue was observed while code review of PDF.js (gulpfile.js)
PDF.js is built into version 19+ of firefox and a chrome extension is also available on chrome web store. To install and get a local copy of PDF.js here are the below steps :
Then navigate to http://127.0.0.1:8888/
I've used the attribute --path-as-is from cURL to verify this issue.
This was reported to mozilla via bugzilla but team says "The server with pdf.js is intended to be a development server and should not be exposed to public networks. I suppose we could update the docs to state that." and a upstream issue was filed against this[1].
Summary: A path traversal issue was observed in Mozilla PDF.js which is a PDF reader in JavaScript. (This issue is unpatched)
This issue was observed while code review of PDF.js (gulpfile.js)
PDF.js is built into version 19+ of firefox and a chrome extension is also available on chrome web store. To install and get a local copy of PDF.js here are the below steps :
Then navigate to http://127.0.0.1:8888/
I've used the attribute --path-as-is from cURL to verify this issue.
This was reported to mozilla via bugzilla but team says "The server with pdf.js is intended to be a development server and should not be exposed to public networks. I suppose we could update the docs to state that." and a upstream issue was filed against this[1].
Thank you
0 coment�rios:
Post a Comment