File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.34.1, a missing password policy and brute-force protection makes the authentication process insecure. Attackers could mount a brute-force attack to retrieve the passwords of all accounts in a given instance. This issue has been patched in version 2.34.1.
References
Configurations
No configuration.
History
03 Jul 2025, 15:14
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
30 Jun 2025, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-06-30 20:15
Updated : 2025-07-03 15:14
NVD link : CVE-2025-52997
Mitre link : CVE-2025-52997
CVE.ORG link : CVE-2025-52997
JSON object : View
Products Affected
No product.