Tag

Epub

1 brief RSS

File Browser Stored XSS via Crafted EPUB File

File Browser version 2.62.1 and earlier is vulnerable to stored cross-site scripting (XSS) via crafted EPUB files, allowing attackers to execute arbitrary JavaScript in a victim's browser by exploiting the application's misconfigured iframe sandbox and stealing sensitive information like JWT tokens.

filebrowser xss epub cve-2026-34529

2r 5t 1c 2i Mar 31, 2026