Vulnerability in N/a

CVE-2026-30579

File Thingie 2.5.7 is vulnerable to Cross Site Scripting (XSS). A malicious user can leverage the "upload file" functionality to upload a file with a crafted file name used to trigger a Javascript payload.

EPSS: 0.000 (14.2th percentile) — read the EPSS interpretation.

Affected products

  • N/a — versions n/a

References