2 matches found
CVE-2025-48494
CVE-2025-48494 concerns Gokapi, a self-hosted file sharing server. The issue is a stored XSS vulnerability when using end-to-end encryption: uploading a file with a JavaScript payload in the filename, which is parsed when the upload list is opened. Before version 2.0.0, there was no user-permissi...
PT-2025-23497 · Gokapi · Gokapi
Name of the Vulnerable Software and Affected Versions: Gokapi versions prior to 2.0.0 Description: Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. A stored cross-site scripting issue can be exploited by uploading a file with JavaScript code embedded i...