CVE-2026-33477

{"id": "CVE-2026-33477", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2026-03-26T18:16:29.580", "references": [{"url": "https://github.com/error311/FileRise/releases/tag/v3.11.0", "tags": ["Release Notes"], "source": "security-advisories@github.com"}, {"url": "https://github.com/error311/FileRise/security/advisories/GHSA-62wx-vp78-2p83", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/error311/FileRise/security/advisories/GHSA-62wx-vp78-2p83", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-863"}]}], "descriptions": [{"lang": "en", "value": "FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. In versiosn 2.3.7 through 3.10.0, the file snippet endpoint `/api/file/snippet.php` allows an authenticated user with only `read_own` access to a folder to retrieve snippet content from files uploaded by other users in the same folder. This is a server-side authorization flaw in the `read_own` enforcement for hover previews. Version 3.11.0 fixes the issue."}, {"lang": "es", "value": "FileRise es un gestor de archivos autohospedado basado en web con carga de m\u00faltiples archivos, edici\u00f3n y operaciones por lotes. En las versiones 2.3.7 a la 3.10.0, el endpoint de fragmentos de archivo `/api/file/snippet.php` permite a un usuario autenticado con solo acceso 'read_own' a una carpeta recuperar contenido de fragmentos de archivos subidos por otros usuarios en la misma carpeta. Esto es una falla de autorizaci\u00f3n del lado del servidor en la aplicaci\u00f3n de 'read_own' para las vistas previas al pasar el rat\u00f3n. La versi\u00f3n 3.11.0 corrige el problema."}], "lastModified": "2026-03-31T12:38:12.703", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:filerise:filerise:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51D0BB82-B0E1-4A29-9C51-EA8DAE58105A", "versionEndExcluding": "3.11.0", "versionStartIncluding": "2.3.7"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}