The vulnerability is an authenticated DOM‐based HTML Injection that lets a logged‑in user inject arbitrary markup into file tag attributes. This can be used to add form elements that call backend endpoints or create links that redirect users; whether this could lead to privilege escalation or phishing is an inference and not explicitly stated in the vendor's description. The flaw arises from improper handling of the color property and falls under CWE‑116 and CWE‑79. Because it requires authentication, it does not pose a purely remote threat but users can leverage it to move laterally within the application.

The issue affects the FileRise self‑hosted web file manager / WebDAV server from the error311 vendor. Versions prior to 3.3.0 are vulnerable; version 3.3.0 and later include the fix. The affected product is FileRise from error311.

The CVSS base score is 4.6, indicating low to moderate severity. The EPSS score is less than 1%, suggesting a very small likelihood of exploitation at the time of analysis. The vulnerability is not listed in the CISA KEV catalog. Attackers must be authenticated to the application. Once authenticated, they can modify the DOM and potentially trigger calls to internal endpoints or redirect users, which may enable further attacks such as phishing; whether privilege escalation could occur is an inference. Given the low EPSS and lack of known public exploits, the immediate risk is moderate but should still be mitigated promptly.