VYPR

Go modules package

github.com/gtsteffaniak/filebrowser

pkg:golang/github.com/gtsteffaniak/filebrowser

Vulnerabilities (2)

  • CVE-2026-44542CriMay 14, 2026
    affected < 0.0.0-20260501183844-112740bdd41dfixed 0.0.0-20260501183844-112740bdd41d

    FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to 1.3.1-stable and 1.3.9-beta, attacker-controlled path input is joined with a trusted base path prior to sanitization, allowing traversal sequences (e.g., ../) to escape the intended shared directory. As

  • CVE-2026-30934Mar 10, 2026
    affected < 0.0.0-20260307130210-09713b32a5f6fixed 0.0.0-20260307130210-09713b32a5f6

    FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to 1.3.1-beta and 1.2.2-stable, Stored XSS is possible via share metadata fields (e.g., title, description) that are rendered into HTML for /public/share/ without context-aware escaping. The server us