Vulnerabilities > Filebrowser

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-16	CVE-2023-39612	Cross-site Scripting vulnerability in Filebrowser A cross-site scripting (XSS) vulnerability in FileBrowser before v2.23.0 allows an authenticated attacker to escalate privileges to Administrator via user interaction with a crafted HTML file or URL. network low complexity filebrowser CWE-79 critical	9.0
2022-02-04	CVE-2021-46398	Cross-Site Request Forgery (CSRF) vulnerability in Filebrowser A Cross-Site Request Forgery vulnerability exists in Filebrowser < 2.18.0 that allows attackers to create a backdoor user with admin privilege and get access to the filesystem via a malicious HTML webpage that is sent to the victim. network low complexity filebrowser CWE-352	8.8

Vulnerabilities > Filebrowser {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Filebrowser"}]}