5 matches found
CVE-2025-53826
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.39.0, File Browser’s authentication system issues long-lived JWT tokens that remain valid even after the user logs out. As of time of...
CVE-2025-53826 FileBrowser Has Insecure JWT Handling Which Allows Session Replay Attacks after Logout
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.39.0, File Browser’s authentication system issues long-lived JWT tokens that remain valid even after the user logs out. As of time of...
CVE-2025-53826
CVE-2025-53826 concerns File Browser (v2.39.0) where the authentication system issues long‑lived JWTs that remain valid after logout. This creates a risk of session replay, allowing an attacker to reuse a valid token to access authenticated endpoints until expiry. Multiple connected sources corro...
CVE-2025-53826 FileBrowser Has Insecure JWT Handling Which Allows Session Replay Attacks after Logout
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.39.0, File Browser’s authentication system issues long-lived JWT tokens that remain valid even after the user logs out. As of time of...
PT-2025-29588
Name of the Vulnerable Software and Affected Versions File Browser version 2.39.0 Description File Browser provides a file managing interface within a specified directory, allowing users to upload, delete, preview, rename, and edit files. The authentication system in version 2.39.0 issues...