This vulnerability has a CVSS score of 7.5 with a high severity rating.
|FileCloud Versions 22.1 and earlier
|FileCloud Version 23.1 and later
In versions of phpseclib package earlier than 3.0.19, an infinite loop may occur.
These vulnerabilities have been fixed in FileCloud version 188.8.131.5295 which upgrades PHP to version 8.2, which includes a version of phpseclib above 3.0.
What you should do to fix this vulnerability
- If you are using FileCloud Server, it is recommended that you update to the latest version, which is 184.108.40.20695 or greater. This will resolve the issue.
- If you are using FileCloud Online, your site has already been updated to the latest version.
If you have any questions about this advisory, please contact FileCloud support.