5 matches found
CVE-2026-20939
CVE-2026-20939: Windows File Explorer information disclosure allowing a locally authenticated user to view sensitive data. The issue has a CVSSv3.1 base score of 5.5 (Local, Low attack complexity, Low privileges, Confidentiality impact: High). Microsoft has released fixes in January 2026 security...
CVE-2025-56807
CVE-2025-56807 affects FairSketch RISE Ultimate Project Manager & CRM (v3.9.4). The vulnerability is a Stored XSS in the File Manager/File Explorer utilized when creating new folders: the title parameter is not properly sanitized, allowing an attacker (with admin privileges as per description) to...
CVE-2025-1983 Stored Cross-Site Scripting in Ready_
A cross-site scripting XSS vulnerability in Ready's File Explorer upload functionality allows injection of arbitrary JavaScript code in filename. Injected content is stored on server and is executed every time a user interacts with the uploaded file...
CVE-2025-1983 Stored Cross-Site Scripting in Ready_
A cross-site scripting XSS vulnerability in Ready's File Explorer upload functionality allows injection of arbitrary JavaScript code in filename. Injected content is stored on server and is executed every time a user interacts with the uploaded file...
CVE-2025-24071 Microsoft Windows File Explorer Spoofing Vulnerability
...