CVE-2025-52902

HIGH7.6EPSS 0.10%

filebrowser allows Stored Cross-Site Scripting through the Markdown preview function in github.com/filebrowser/filebrowser

發布日:2025/6/27修改日:2026/3/3

描述

filebrowser allows Stored Cross-Site Scripting through the Markdown preview function in github.com/filebrowser/filebrowser

受影響套件(4)

Go/github.com/filebrowser/filebrowserfrom 0, <= 1.11.0
Go/github.com/filebrowser/filebrowserfrom 0
Go/github.com/filebrowser/filebrowser/v2from 0, < 2.33.7
Go/github.com/filebrowser/filebrowser/v2from 0, < 2.33.7

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	HIGH7.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N

參考連結(6)