📦 Liquidfiles

This cross-site scripting (XSS) vulnerability in LiquidFiles allows attackers to execute malicious scripts when users access specially crafted HTML attachments via the -htmlview URL. The impact can ra...

LiquidFiles filetransfer server versions prior to 4.2 have a user enumeration vulnerability in the password reset functionality. Unauthenticated attackers can determine valid user email addresses by o...

CVE-2021-43397 is a privilege escalation vulnerability in LiquidFiles that allows authenticated users with Admin or User Admin privileges to elevate their permissions to Sysadmin level. This affects L...