Lucene search
K

90 matches found

RedhatCVE
RedhatCVE
added 2025/04/06 7:35 a.m.21 views

CVE-2025-3087

Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts...

5.4CVSS5.7AI score0.00254EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/04/04 7:15 a.m.3 views

CVE-2025-3087

Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts...

5.4CVSS5.3AI score0.00254EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2025/04/04 7:15 a.m.14 views

CVE-2025-3087

Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts...

5.4CVSS0.00254EPSS
Exploits0References2
OSV
OSV
added 2025/04/04 7:15 a.m.6 views

CVE-2025-3087

Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts...

5.4CVSS5.8AI score0.00254EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/04 6:40 a.m.11 views

CVE-2025-3087 Stored XSS Vulnerability in M-Files Web

Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts...

5.1CVSS5.9AI score0.00254EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/04 6:40 a.m.18 views

CVE-2025-3087 Stored XSS Vulnerability in M-Files Web

Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts...

5.1CVSS0.00254EPSS
Exploits0References2
CVE
CVE
added 2025/04/04 6:40 a.m.81 views

CVE-2025-3087

CVE-2025-3087 concerns a stored XSS in M-Files Web. Affected are M-Files Web versions 25.1.14445.5 through 25.2.14524.4. The issue arises from stored cross-site scripting that can be triggered by an authenticated user who can run scripts. Documented impact is that scripts may be executed in the u...

5.4CVSS5.9AI score0.00254EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/04/04 12:0 a.m.3 views

M-Files Web 安全漏洞

M-Files Web is an intelligent information management platform from M-Files USA, Inc. It is used to optimally support users in their daily work. A security vulnerability exists in M-Files Web versions 25.1.14445.5 through 25.2.14524.4 that stems from a stored cross-site scripting attack...

5.4CVSS5.8AI score0.00254EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/04 12:0 a.m.4 views

PT-2025-14857 · M Files · M-Files Web

Name of the Vulnerable Software and Affected Versions: M-Files Web versions 25.1.14445.5 through 25.2.14524.4 Description: The issue allows an authenticated user to run scripts, which is a result of a stored XSS. This enables the execution of malicious scripts by authenticated users...

5.1CVSS5.7AI score0.00254EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2024/03/04 8:15 a.m.2 views

CVE-2023-4479

Stored XSS Vulnerability in M-Files Web versions before 23.8 allows attacker to execute script on users browser via stored HTML document within limited time period...

7.3CVSS7.5AI score0.00436EPSS
Exploits0References4
OSV
OSV
added 2024/03/04 8:15 a.m.7 views

CVE-2023-4479

Stored XSS Vulnerability in M-Files Web versions before 23.8 allows attacker to execute script on users browser via stored HTML document within limited time period...

5.4CVSS5.9AI score0.00436EPSS
Exploits0References3
Prion
Prion
added 2024/03/04 8:15 a.m.11 views

Cross site scripting

Stored XSS Vulnerability in M-Files Web versions before 23.8 allows attacker to execute script on users browser via stored HTML document within limited time period...

4.9CVSS5.8AI score0.00436EPSS
Exploits0References1
CVE
CVE
added 2024/03/04 7:17 a.m.58 views

CVE-2023-4479

The CVE-2023-4479 entry concerns M-Files Web, where versions prior to 23.8 are affected by a stored XSS vulnerability. The issue allows an attacker to execute scripts in a user’s browser via a stored HTML document within a limited time period, indicating a client-side impact stemming from how HTM...

7.3CVSS6.8AI score0.00436EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/04 7:17 a.m.16 views

CVE-2023-4479 Stored XSS Vulnerability in M-Files Web

Stored XSS Vulnerability in M-Files Web versions before 23.8 allows attacker to execute script on users browser via stored HTML document within limited time period...

7.3CVSS5.7AI score0.00436EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/04 12:0 a.m.5 views

M-Files Web Security Vulnerability

M-Files Web is an intelligent information management platform from M-Files USA, Inc. It is used to optimally support users in their daily work. A security vulnerability exists in M-Files Web versions prior to 23.8 that stems from the presence of a stored cross-site scripting XSS vulnerability tha...

7.3CVSS5.4AI score0.00436EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/03/04 12:0 a.m.6 views

PT-2024-13200 · M Files · M-Files Web

Name of the Vulnerable Software and Affected Versions: M-Files Web versions prior to 23.8 Description: The issue allows an attacker to execute a script on a user's browser via a stored HTML document within a limited time period. This is a stored XSS vulnerability. Recommendations: For M-Files Web...

7.3CVSS6.1AI score0.00436EPSS
Exploits0References6
OSV
OSV
added 2023/10/20 7:15 a.m.6 views

CVE-2023-5524

Insufficient blacklisting in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution via specific file types...

7.3CVSS5.8AI score0.00312EPSS
Exploits0References3
OSV
OSV
added 2023/10/20 7:15 a.m.4 views

CVE-2023-5523

Execution of downloaded content flaw in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution...

7.8CVSS5.8AI score0.00328EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/10/20 7:15 a.m.3 views

CVE-2023-5524

Insufficient blacklisting in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution via specific file types...

8.2CVSS7.5AI score0.00312EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2023/10/20 7:15 a.m.22 views

Remote code execution

Insufficient blacklisting in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution via specific file types...

4.1CVSS7.2AI score0.00312EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder