gtsteffaniak/filebrowser v1.3.9-beta

on GitHub

What's Changed

Security:

• [Critical] Unauthenticated Path Traversal in Public Share Delete Allows Arbitrary File Deletion GHSA-fwj3-42wh-8673 (thanks @Yesuhei)
• [Moderate] Stored XSS via SVG File in Public Share (Missing CSP Header) GHSA-mmpx-jh39-wrv6 (thanks @MuxiLyuLucy)

BugFixes:

• Fix context menu items and adjusted when items show to more accurately reflect permissions.

Full Changelog: v1.3.8-beta...v1.3.9-beta