CVE-2025-52902 | filebrowser up to 2.33.6 cross site scripting (GHSA-4wx8-5gm2-2j97)

June 26, 2025 Yanac

A vulnerability, which was classified as problematic, was found in filebrowser up to 2.33.6. Affected is an unknown function. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-52902. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More

CVE-2025-6731 | yzcheng90 X-SpringBoot up to 5.0 APK File /sys/oss/upload/apk uploadApk path traversal
CVE-2025-53007 | Espressif arduino-esp32 up to 3.2.0 HTTP Header response splitting (GHSA-5476-9jjq-563m)