GHSA-3JMG-P96M-M328 FileBrowser Quantum: unauthenticated user share share info

Impact Some sensitive info -- such as source and path can get exposed. Patches Update to the latest version Workarounds no...

CVE-2026-44542

FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to 1.3.1-stable and 1.3.9-beta, attacker-controlled path input is joined with a trusted base path prior to sanitization, allowing traversal sequences e.g., ../ to escape the intended shared directory. As a result, an...