CVE-2026-36163 in LiquidFilesinfo

Summary

by MITRE • 07/08/2026

An HTML injection vulnerability in the file view endpoint of LiquidFiles v4.2.7 allows authenticated attackers to execute arbitrary JavaScript in the context of the victim's browser via the uploading of and user interaction with a crafted HTML file.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Responsible

MITRE

Reservation

04/06/2026

Disclosure

07/08/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

very low

Sources

Might our Artificial Intelligence support you?

Check our Alexa App!