Medium severityNVD Advisory· Published Nov 22, 2024· Updated Apr 15, 2026
CVE-2024-52793
CVE-2024-52793
Description
The Deno Standard Library provides APIs for Deno and the Web. Prior to version 1.0.11, http/file-server's serveDir with showDirListing: true option is vulnerable to cross-site scripting when the attacker is a user who can control file names in the source directory on systems with POSIX file names. Exploitation might also be possible on other systems but less trivial due to e.g. lack of file name support for <> in Windows. Version 1.0.11 fixes the issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <1.0.11
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.