Количество 2
Количество 2
CVE-2025-52902
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The Markdown preview function of File Browser prior to v2.33.7 is vulnerable to Stored Cross-Site-Scripting (XSS). Any JavaScript code that is part of a Markdown file uploaded by a user will be executed by the browser. Version 2.33.7 contains a fix for the issue.
GHSA-4wx8-5gm2-2j97
filebrowser allows Stored Cross-Site Scripting through the Markdown preview function
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-52902 File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The Markdown preview function of File Browser prior to v2.33.7 is vulnerable to Stored Cross-Site-Scripting (XSS). Any JavaScript code that is part of a Markdown file uploaded by a user will be executed by the browser. Version 2.33.7 contains a fix for the issue. | CVSS3: 7.6 | 0% Низкий | 8 месяцев назад |
| GHSA-4wx8-5gm2-2j97 filebrowser allows Stored Cross-Site Scripting through the Markdown preview function | CVSS3: 7.6 | 0% Низкий | 8 месяцев назад |
Уязвимостей на страницу