CVE-2023-28875 Information

Description

A Stored XSS issue in shared files download terms in Filerun Update 20220202 allows attackers to inject JavaScript code that is executed when a user follows the crafted share link.

Reference

https://filerun.com/changelog https://herolab.usd.de/security-advisories/usd-2022-0009/