CVE-2025-52902

HIGH7.6EPSS 0.10%

filebrowser allows Stored Cross-Site Scripting through the Markdown preview function in github.com/filebrowser/filebrowser

Published: 6/27/2025Modified: 3/3/2026

Description

filebrowser allows Stored Cross-Site Scripting through the Markdown preview function in github.com/filebrowser/filebrowser

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N