4 matches found
SUSE CVE-2026-29188
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.61.1, a broken access control vulnerability in the TUS protocol DELETE endpoint allows authenticated users with only Create...
CVE-2026-29188
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.61.1, a broken access control vulnerability in the TUS protocol DELETE endpoint allows authenticated users with only Create...
CVE-2026-29188 File Browser: TUS Delete Endpoint Bypasses Delete Permission Check
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.61.1, a broken access control vulnerability in the TUS protocol DELETE endpoint allows authenticated users with only Create...
CVE-2026-29188
CVE-2026-29188 concerns File Browser’s TUS protocol DELETE endpoint, where prior to v2.61.1 broken access control allowed authenticated users with only Create permission to delete arbitrary files/directories within their scope. The issue affects multi-user deployments with restricted deletion per...