CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
18.7%
Stored XSS Vulnerability in M-Files Classic Web versions before 23.10Β and LTS Service Release Versions before 23.2 LTS SR4 and 23.8 LTS SR1allows attacker to execute script on users browser via stored HTML document.
Vendor | Product | Version | CPE |
---|---|---|---|
m-files | classic_web | * | cpe:2.3:a:m-files:classic_web:*:*:*:*:-:*:*:* |
m-files | classic_web | 23.2 | cpe:2.3:a:m-files:classic_web:23.2:-:*:*:lts:*:*:* |
m-files | classic_web | 23.8 | cpe:2.3:a:m-files:classic_web:23.8:-:*:*:lts:*:*:* |
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
18.7%