9 matches found
CVE-2026-34529
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to version 2.62.2, the EPUB preview function in File Browser is vulnerable to Stored Cross-Site Scripting XSS. JavaScript embedded in a crafted EPUB file...
CVE-2026-34529
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to version 2.62.2, the EPUB preview function in File Browser is vulnerable to Stored Cross-Site Scripting XSS. JavaScript embedded in a crafted EPUB file...
CVE-2026-34529
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to version 2.62.2, the EPUB preview function in File Browser is vulnerable to Stored Cross-Site Scripting XSS. JavaScript embedded in a crafted EPUB file...
CVE-2026-34529
CVE-2026-34529 – File Browser stored XSS via crafted EPUB (GHSA-5VPR-4FGW-F69H) . The Github advisory discloses a vulnerability in File Browser where the EPUB preview function can run JavaScript in the victim’s browser. Root cause: Preview.vue passes epubOptions with allowScriptedContent: true to...
CVE-2026-34529 File Browser is vulnerable to Stored Cross-site Scripting via crafted EPUB file
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to version 2.62.2, the EPUB preview function in File Browser is vulnerable to Stored Cross-Site Scripting XSS. JavaScript embedded in a crafted EPUB file...
CVE-2026-34529 File Browser is vulnerable to Stored Cross-site Scripting via crafted EPUB file
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to version 2.62.2, the EPUB preview function in File Browser is vulnerable to Stored Cross-Site Scripting XSS. JavaScript embedded in a crafted EPUB file...
File Browser 跨站脚本漏洞
File Browser is an open-source file management interface developed by File Browser. It allows for the uploading, deletion, previewing, and editing of files within a specified directory. Versions of File Browser prior to 2.62.2 contained a cross-site scripting vulnerability. This vulnerability...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the EPUB preview function in File Browser. An attacker can execute arbitrary JavaScript in the context of the victim's browser by uploading a crafted EPUB file containing malicious scripts. This allows the...
PT-2026-29426
Name of the Vulnerable Software and Affected Versions File Browser versions prior to 2.62.2 Description File Browser's EPUB preview function is susceptible to Stored Cross-Site Scripting XSS. A crafted EPUB file containing JavaScript can execute in a victim's browser when the file is previewed. T...