Lucene search
K

90 matches found

CVE
CVE
added 2023/10/20 6:41 a.m.49 views

CVE-2023-5524

CVE-2023-5524 refers to an inadequate file-type blacklist in M-Files Web Companion that enables Remote Code Execution . Technical details across sources indicate the vulnerability affects versions prior to 23.10 for the standard Web Companion and prior to 23.8 LTS SR1 for the LTS service release....

8.2CVSS7.6AI score0.00312EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2023/10/20 12:0 a.m.6 views

M-Files Web Code Issue Vulnerability

M-Files Web is an intelligent information management platform from M-Files USA, Inc. It is used to optimally support users in their daily work. A code issue vulnerability exists in M-Files Web versions prior to 23.10 that stems from an insufficient blacklist and allows remote code execution via...

8.2CVSS7.8AI score0.00312EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/10/20 12:0 a.m.4 views

M-Files Web Cross-Site Scripting Vulnerability

M-Files Web is an intelligent information management platform from M-Files USA, Inc. It is used to optimally support users in their daily work. A cross-site scripting vulnerability exists in M-Files Web versions prior to 23.10, which stems from a flaw in the execution of downloaded content that...

8.6CVSS7.1AI score0.00328EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/10/19 12:0 a.m.4 views

PT-2023-32153 · M Files · M-Files Web Companion

Name of the Vulnerable Software and Affected Versions: M-Files Web Companion versions prior to 23.10 M-Files Web Companion LTS Service Release Versions prior to 23.8 LTS SR1 Description: The issue is related to the execution of downloaded content, which allows for Remote Code Execution. This flaw...

8.6CVSS7.7AI score0.00328EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2023/03/06 11:15 a.m.4 views

CVE-2022-4862

Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3...

7.6CVSS7.5AI score0.00358EPSS
Exploits0References4
NVD
NVD
added 2023/03/06 11:15 a.m.26 views

CVE-2022-4862

Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3...

7.6CVSS5.7AI score0.00358EPSS
Exploits0References3
OSV
OSV
added 2023/03/06 11:15 a.m.4 views

CVE-2022-4862

Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3...

7.6CVSS5.8AI score0.00358EPSS
Exploits0References3
Prion
Prion
added 2023/03/06 11:15 a.m.29 views

Information disclosure

Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3...

4.9CVSS7.2AI score0.00358EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/03/06 10:46 a.m.34 views

CVE-2022-4862 XSS vulnerability in M-Files Web

Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3...

5CVSS7.5AI score0.00358EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/03/06 10:46 a.m.18 views

CVE-2022-4862 XSS vulnerability in M-Files Web

Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3...

5CVSS6.4AI score0.00358EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/03/06 12:0 a.m.4 views

PT-2023-15884

Name of the Vulnerable Software and Affected Versions M-Files Web versions prior to 22.12.12140.3 M-Files New Web versions prior to 22.12.12140.3 Description The issue allows rendering of HTML provided by another authenticated user in the browser, which can lead to the theft of user sensitive...

7.6CVSS7.4AI score0.00358EPSS
Exploits0References8
CNNVD
CNNVD
added 2023/03/06 12:0 a.m.4 views

M-Files Web 跨站脚本漏洞

M-Files Web is an intelligent information management platform from M-Files USA, Inc. It is used to optimally support users in their daily work. A security vulnerability exists in M-Files New Web versions prior to 22.12.12140.3, which stems from the ability to render HTML provided by another...

7.6CVSS7.3AI score0.00358EPSS
Exploits0References3
NVD
NVD
added 2022/12/09 3:15 p.m.21 views

CVE-2022-4264

Incorrect Privilege Assignment in M-Files Web Classic in M-Files before 22.8.11691.0 allows low privilege user to change some configuration...

6.5CVSS0.00516EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/12/09 3:15 p.m.3 views

CVE-2022-4264

Incorrect Privilege Assignment in M-Files Web Classic in M-Files before 22.8.11691.0 allows low privilege user to change some configuration...

6.5CVSS5AI score0.00516EPSS
Exploits0References4
OSV
OSV
added 2022/12/09 3:15 p.m.6 views

CVE-2022-4264

Incorrect Privilege Assignment in M-Files Web Classic in M-Files before 22.8.11691.0 allows low privilege user to change some configuration...

4.3CVSS5.8AI score0.00516EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/12/09 2:8 p.m.20 views

CVE-2022-4264 Incorrect privilege assignment in M-Files Web Server

Incorrect Privilege Assignment in M-Files Web Classic in M-Files before 22.8.11691.0 allows low privilege user to change some configuration...

6.5CVSS6.7AI score0.00516EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/12/09 2:8 p.m.14 views

CVE-2022-4264 Incorrect privilege assignment in M-Files Web Server

Incorrect Privilege Assignment in M-Files Web Classic in M-Files before 22.8.11691.0 allows low privilege user to change some configuration...

6.5CVSS6.9AI score0.00516EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/12/09 12:0 a.m.4 views

M-Files Web 安全漏洞

M-Files Web is an intelligent information management platform from M-Files USA, Inc. It is used to optimally support users in their daily work. A security vulnerability exists in M-Files Web versions prior to 22.8.11691.0 that stems from incorrect privilege assignment. An attacker exploiting the...

6.5CVSS5.2AI score0.00516EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/12/09 12:0 a.m.5 views

PT-2022-26503

Name of the Vulnerable Software and Affected Versions M-Files versions prior to 22.8.11691.0 Description The issue allows a low privilege user to change some configuration due to incorrect privilege assignment in M-Files Web Classic. Recommendations For versions prior to 22.8.11691.0, update to...

6.5CVSS5AI score0.00516EPSS
Exploits0References7
OSV
OSV
added 2022/12/02 1:15 p.m.6 views

CVE-2022-4270

Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before 22.5.11436.1 could have changed permissions accidentally...

2.6CVSS5.8AI score0.00514EPSS
Exploits0References3
Rows per page
Query Builder