CVE-2025-64523

Name of the Vulnerable Software and Affected Versions File Browser versions prior to 2.45.1

Description File Browser provides a file managing interface for tasks like uploading, deleting, previewing, renaming, and editing files. An Insecure Direct Object Reference (IDOR) exists in the application's share deletion functionality. This allows any authenticated user with share permissions to delete shared links belonging to other users without proper authorization checks. This can disrupt business operations through denial of service, potential data loss in collaborative environments, and compromise data confidentiality. The impact is significant in organizational settings where file sharing is critical for projects and collaboration.

Recommendations Update to version 2.45.1 or later.