Filtered by vendor Filebrowser
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-39612 | 1 Filebrowser | 1 Filebrowser | 2024-02-28 | N/A | 9.0 CRITICAL |
| A cross-site scripting (XSS) vulnerability in FileBrowser before v2.23.0 allows an authenticated attacker to escalate privileges to Administrator via user interaction with a crafted HTML file or URL. | |||||
| CVE-2021-46398 | 1 Filebrowser | 1 Filebrowser | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
| A Cross-Site Request Forgery vulnerability exists in Filebrowser < 2.18.0 that allows attackers to create a backdoor user with admin privilege and get access to the filesystem via a malicious HTML webpage that is sent to the victim. An admin can run commands using the FileBrowser and hence it leads to RCE. | |||||