Lucene search
K

80 matches found

Positive Technologies
Positive Technologies
added 2024/07/29 12:0 a.m.6 views

PT-2024-37924

Name of the Vulnerable Software and Affected Versions M-Files Hubshare versions prior to 5.0.6.0 Description The issue allows an authenticated attacker to execute arbitrary JavaScript in a user's browser session. This is achieved through a stored XSS attack. Recommendations For versions prior to...

8.5CVSS5.6AI score0.00352EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/07/29 12:0 a.m.7 views

M-Files Hubshare 安全漏洞

M-Files Hubshare is a collaboration solution from M-Files, Inc. designed to seamlessly share files, documents and collaborative content. A security vulnerability exists in M-Files Hubshare version 5.0.6.0 that stems from vulnerability to a stored cross-site scripting attack that allows an...

8.5CVSS6.2AI score0.00352EPSS
Exploits0References3
OSV
OSV
added 2024/05/24 6:15 a.m.4 views

CVE-2024-5142

Stored Cross-Site Scripting vulnerability in Social Module in M-Files Hubshare before version 5.0.6.0 allows authenticated attacker to run scripts in other users browser...

5.4CVSS5.8AI score0.00308EPSS
Exploits0References3
NVD
NVD
added 2024/05/24 6:15 a.m.17 views

CVE-2024-5142

Stored Cross-Site Scripting vulnerability in Social Module in M-Files Hubshare before version 5.0.6.0 allows authenticated attacker to run scripts in other users browser...

7CVSS5.7AI score0.00308EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2024/05/24 6:15 a.m.3 views

CVE-2024-5142

Stored Cross-Site Scripting vulnerability in Social Module in M-Files Hubshare before version 5.0.6.0 allows authenticated attacker to run scripts in other users browser...

7CVSS5.4AI score0.00308EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/05/24 5:58 a.m.17 views

CVE-2024-5142 XSS in Hubshare's social module

Stored Cross-Site Scripting vulnerability in Social Module in M-Files Hubshare before version 5.0.6.0 allows authenticated attacker to run scripts in other users browser...

7CVSS5.6AI score0.00308EPSS
Exploits0References2
CVE
CVE
added 2024/05/24 5:58 a.m.60 views

CVE-2024-5142

CVE-2024-5142 describes a Stored Cross-Site Scripting vulnerability in the Social Module of M-Files Hubshare, affecting versions prior to 5.0.6.0. The issue allows an authenticated attacker to execute scripts in other users’ browsers. Technical details across connected sources confirm the vulnera...

7CVSS5.6AI score0.00308EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/05/24 5:58 a.m.14 views

CVE-2024-5142 XSS in Hubshare's social module

Stored Cross-Site Scripting vulnerability in Social Module in M-Files Hubshare before version 5.0.6.0 allows authenticated attacker to run scripts in other users browser...

7CVSS5.7AI score0.00308EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/24 12:0 a.m.3 views

PT-2024-34626

Name of the Vulnerable Software and Affected Versions M-Files Hubshare versions prior to 5.0.6.0 Description The issue allows an authenticated attacker to run scripts in other users' browsers due to a Stored Cross-Site Scripting vulnerability in the Social Module. Recommendations For versions pri...

7CVSS5.3AI score0.00308EPSS
Exploits0References9
CNNVD
CNNVD
added 2024/05/24 12:0 a.m.3 views

M-Files Hubshare 安全漏洞

M-Files Hubshare is a collaboration solution from M-Files, Inc. designed to seamlessly share files, documents and collaborative content. A security vulnerability exists in M-Files Hubshare versions prior to 5.0.3.8. An attacker exploited the vulnerability to run scripts in other users' browsers...

7CVSS6.7AI score0.00308EPSS
Exploits0References3
OSV
OSV
added 2022/10/31 9:15 p.m.5 views

CVE-2022-39017

Improper input validation and output encoding in all comments fields, in M-Files Hubshare before 3.3.10.9 allows authenticated attackers to introduce cross-site scripting attacks via specially crafted comments...

5.4CVSS5.7AI score0.00362EPSS
Exploits0References1
OSV
OSV
added 2022/10/31 9:15 p.m.5 views

CVE-2022-39018

Broken access controls on PDFtron data in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to access restricted PDF files via a known URL...

7.5CVSS5.8AI score0.00384EPSS
Exploits0References1
OSV
OSV
added 2022/10/31 9:15 p.m.5 views

CVE-2022-39019

Broken access controls on PDFtron WebviewerUI in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to upload malicious files to the application server...

7.5CVSS5.8AI score0.00369EPSS
Exploits0References1
NVD
NVD
added 2022/10/31 9:15 p.m.14 views

CVE-2022-39017

Improper input validation and output encoding in all comments fields, in M-Files Hubshare before 3.3.10.9 allows authenticated attackers to introduce cross-site scripting attacks via specially crafted comments...

8.2CVSS0.00362EPSS
Exploits0References1
NVD
NVD
added 2022/10/31 9:15 p.m.16 views

CVE-2022-39018

Broken access controls on PDFtron data in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to access restricted PDF files via a known URL...

8.2CVSS0.00384EPSS
Exploits0References1
NVD
NVD
added 2022/10/31 9:15 p.m.29 views

CVE-2022-39016

Javascript injection in PDFtron in M-Files Hubshare before 3.3.10.9 allows authenticated attackers to perform an account takeover via a crafted PDF upload...

8.8CVSS0.00491EPSS
Exploits0References1
OSV
OSV
added 2022/10/31 9:15 p.m.5 views

CVE-2022-39016

Javascript injection in PDFtron in M-Files Hubshare before 3.3.10.9 allows authenticated attackers to perform an account takeover via a crafted PDF upload...

8.8CVSS5.8AI score0.00491EPSS
Exploits0References1
Prion
Prion
added 2022/10/31 9:15 p.m.20 views

Cross site scripting

Improper input validation and output encoding in all comments fields, in M-Files Hubshare before 3.3.10.9 allows authenticated attackers to introduce cross-site scripting attacks via specially crafted comments...

4.9CVSS5.2AI score0.00362EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/10/31 9:15 p.m.17 views

Improper access control

Broken access controls on PDFtron WebviewerUI in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to upload malicious files to the application server...

5CVSS7.6AI score0.00369EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/10/31 9:15 p.m.22 views

Improper access control

Broken access controls on PDFtron data in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to access restricted PDF files via a known URL...

5CVSS7.5AI score0.00384EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder