No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Wed, 08 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Wed, 08 Jul 2026 05:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Authenticated Stored XSS via Upload File Shares API in LiquidFiles 4.2.7 | |
| Weaknesses | CWE-79 |
Wed, 08 Jul 2026 00:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Liquidfiles
Liquidfiles liquidfiles |
|
| Vendors & Products |
Liquidfiles
Liquidfiles liquidfiles |
Tue, 07 Jul 2026 22:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | An authenticated stored cross-site scripting (XSS) vulnerability in the Upload File Shares API of LiquidFiles v4.2.7 allows attackers to execute arbitrary Javascript or HTML via injecting a crafted payload into the Name parameter. | |
| References |
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-07-08T13:36:22.536Z
Reserved: 2026-04-06T00:00:00.000Z
Link: CVE-2026-36162
Updated: 2026-07-08T13:35:44.131Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-08T05:00:05Z