CVE-2026-30579

Published: Mar 20, 2026 Last Modified: Mar 20, 2026

ExploitDB:

Other exploit source:

Google Dorks:

Description

AI Translation Available

File Thingie 2.5.7 is vulnerable to Cross Site Scripting (XSS). A malicious user can leverage the 'upload file' functionality to upload a file with a crafted file name used to trigger a Javascript payload.

https://github.com/leefish/filethingie

https://github.com/SpeWnz/Vulnerability-Research/tree/main/…

https://github.com/SpeWnz/Vulnerability-Research/tree/main/CVE-2026-30579

CVE-2026-30579

Description

Iscriviti alla newsletter