90 matches found
CVE-2025-3087
Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts...
CVE-2025-3087
Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts...
CVE-2025-3087
Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts...
CVE-2025-3087
Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts...
CVE-2025-3087 Stored XSS Vulnerability in M-Files Web
Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts...
CVE-2025-3087 Stored XSS Vulnerability in M-Files Web
Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts...
CVE-2025-3087
CVE-2025-3087 concerns a stored XSS in M-Files Web. Affected are M-Files Web versions 25.1.14445.5 through 25.2.14524.4. The issue arises from stored cross-site scripting that can be triggered by an authenticated user who can run scripts. Documented impact is that scripts may be executed in the u...
M-Files Web 安全漏洞
M-Files Web is an intelligent information management platform from M-Files USA, Inc. It is used to optimally support users in their daily work. A security vulnerability exists in M-Files Web versions 25.1.14445.5 through 25.2.14524.4 that stems from a stored cross-site scripting attack...
PT-2025-14857 · M Files · M-Files Web
Name of the Vulnerable Software and Affected Versions: M-Files Web versions 25.1.14445.5 through 25.2.14524.4 Description: The issue allows an authenticated user to run scripts, which is a result of a stored XSS. This enables the execution of malicious scripts by authenticated users...
CVE-2023-4479
Stored XSS Vulnerability in M-Files Web versions before 23.8 allows attacker to execute script on users browser via stored HTML document within limited time period...
CVE-2023-4479
Stored XSS Vulnerability in M-Files Web versions before 23.8 allows attacker to execute script on users browser via stored HTML document within limited time period...
Cross site scripting
Stored XSS Vulnerability in M-Files Web versions before 23.8 allows attacker to execute script on users browser via stored HTML document within limited time period...
CVE-2023-4479
The CVE-2023-4479 entry concerns M-Files Web, where versions prior to 23.8 are affected by a stored XSS vulnerability. The issue allows an attacker to execute scripts in a user’s browser via a stored HTML document within a limited time period, indicating a client-side impact stemming from how HTM...
CVE-2023-4479 Stored XSS Vulnerability in M-Files Web
Stored XSS Vulnerability in M-Files Web versions before 23.8 allows attacker to execute script on users browser via stored HTML document within limited time period...
M-Files Web Security Vulnerability
M-Files Web is an intelligent information management platform from M-Files USA, Inc. It is used to optimally support users in their daily work. A security vulnerability exists in M-Files Web versions prior to 23.8 that stems from the presence of a stored cross-site scripting XSS vulnerability tha...
PT-2024-13200 · M Files · M-Files Web
Name of the Vulnerable Software and Affected Versions: M-Files Web versions prior to 23.8 Description: The issue allows an attacker to execute a script on a user's browser via a stored HTML document within a limited time period. This is a stored XSS vulnerability. Recommendations: For M-Files Web...
CVE-2023-5524
Insufficient blacklisting in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution via specific file types...
CVE-2023-5523
Execution of downloaded content flaw in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution...
CVE-2023-5524
Insufficient blacklisting in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution via specific file types...
Remote code execution
Insufficient blacklisting in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution via specific file types...