CVE-2025-52902
BaseFortify
Publication date: 2025-06-26
Last updated on: 2025-07-10
Assigner: GitHub, Inc.
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| filebrowser | filebrowser | up to 2.33.7 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-80 | The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special characters such as "<", ">", and "&" that could be interpreted as web-scripting elements when they are sent to a downstream component that processes web pages. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Stored Cross-Site Scripting (XSS) issue in the Markdown preview function of File Browser versions prior to 2.33.7. It occurs because the Markdown parser renders HTML content embedded in Markdown files without proper sanitization, allowing an attacker to upload a malicious Markdown file containing JavaScript code. When a user previews this file, the malicious script executes in their browser, potentially compromising their session or privileges. [2]
How can this vulnerability impact me?
The vulnerability can allow attackers to execute arbitrary JavaScript in the context of the user's browser when previewing a malicious Markdown file. This can lead to theft of user session tokens, privilege escalation (especially if the victim is an administrator), and potentially command execution on the server. It poses a high confidentiality risk and a low integrity risk, but does not affect availability. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking whether your File Browser instance is running a version prior to 2.33.7 and whether it allows uploading and previewing Markdown files with embedded HTML/JavaScript. A practical detection method is to upload a test Markdown file containing a simple XSS payload such as `<img src="xx" onerror=alert(9)>` and then preview it in the application to see whether the script executes. Additionally, you can check the version of File Browser by running the command `filebrowser --version` or by inspecting the version information in the application UI. Network detection is limited, since this is a stored XSS triggered by user interaction in the UI, so monitoring for suspicious uploads or preview requests may help. There are no specific network commands provided in the resources. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading File Browser to version 2.33.7 or later, which contains a fix that sanitizes Markdown preview content using the DOMPurify library to prevent XSS. If upgrading is not immediately possible, reconfigure the Markdown parser to disallow all HTML elements or restrict HTML rendering. Additionally, implement a Content Security Policy (CSP) to restrict script execution in the browser. Monitoring and restricting user uploads of Markdown files with embedded HTML/JavaScript can also reduce risk. [1, 2]
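The two fallback mitigations above (disallow raw HTML in the Markdown parser, and monitor uploaded Markdown for embedded HTML/JavaScript) as an added JavaScript example; this is not File Browser's own code and the Markdown sample is constructed here. `escapeRawHtml` is the "no HTML at all" pre-processing step, and `findHtmlInMarkdown` is an upload-time triage check that reports raw tags and inline event handlers while ignoring fenced code, which a renderer displays literally.

```javascript
// Added example, not File Browser's code. escapeRawHtml() neutralises the
// characters CWE-80 names ("<", ">", "&") so raw HTML in a Markdown file is
// shown as text instead of being interpreted as elements by the preview.
// A real HTML-aware sanitizer such as DOMPurify (used by the 2.33.7 fix)
// remains the render-time control; the regex check below is a triage aid.

function escapeRawHtml(markdown) {
  return markdown
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;");
}

const TAG_RE = /<\/?[a-zA-Z][^>]*>/g;        // any HTML-looking tag
const EVENT_ATTR_RE = /\bon[a-zA-Z]+\s*=/i;  // onerror=, onload=, ...
const FENCE_RE = /^\s*`{3}/;                 // opening/closing code fence

// Returns one finding per raw HTML tag found outside fenced code blocks.
function findHtmlInMarkdown(markdown) {
  const findings = [];
  let inFence = false;
  markdown.split(/\r?\n/).forEach((line, idx) => {
    if (FENCE_RE.test(line)) { inFence = !inFence; return; }
    if (inFence) return;
    // Inline code spans are also rendered literally, so drop them first.
    const text = line.replace(/`[^`]*`/g, "");
    for (const tag of text.match(TAG_RE) || []) {
      findings.push({ line: idx + 1, tag, eventHandler: EVENT_ATTR_RE.test(tag) });
    }
  });
  return findings;
}

// Constructed sample Markdown file using the test payload quoted above.
const FENCE = "`".repeat(3);
const SAMPLE_MD = [
  "# Release notes",
  "",
  "Plain *Markdown* is fine, and `<b>` inside inline code is harmless.",
  '<img src="xx" onerror=alert(9)>',
  "",
  FENCE + "html",
  "<script>ignored()</script>",
  FENCE,
].join("\n");

const REPORT = findHtmlInMarkdown(SAMPLE_MD);
console.log(REPORT);                       // flags only line 4
console.log(escapeRawHtml(SAMPLE_MD));     // safe to hand to a renderer
```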