90 matches found
CVE-2023-5524
CVE-2023-5524 refers to an inadequate file-type blacklist in M-Files Web Companion that enables Remote Code Execution . Technical details across sources indicate the vulnerability affects versions prior to 23.10 for the standard Web Companion and prior to 23.8 LTS SR1 for the LTS service release....
M-Files Web Code Issue Vulnerability
M-Files Web is an intelligent information management platform from M-Files USA, Inc. It is used to optimally support users in their daily work. A code issue vulnerability exists in M-Files Web versions prior to 23.10 that stems from an insufficient blacklist and allows remote code execution via...
M-Files Web Cross-Site Scripting Vulnerability
M-Files Web is an intelligent information management platform from M-Files USA, Inc. It is used to optimally support users in their daily work. A cross-site scripting vulnerability exists in M-Files Web versions prior to 23.10, which stems from a flaw in the execution of downloaded content that...
PT-2023-32153 · M Files · M-Files Web Companion
Name of the Vulnerable Software and Affected Versions: M-Files Web Companion versions prior to 23.10 M-Files Web Companion LTS Service Release Versions prior to 23.8 LTS SR1 Description: The issue is related to the execution of downloaded content, which allows for Remote Code Execution. This flaw...
CVE-2022-4862
Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3...
CVE-2022-4862
Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3...
CVE-2022-4862
Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3...
Information disclosure
Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3...
CVE-2022-4862 XSS vulnerability in M-Files Web
Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3...
CVE-2022-4862 XSS vulnerability in M-Files Web
Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3...
PT-2023-15884
Name of the Vulnerable Software and Affected Versions M-Files Web versions prior to 22.12.12140.3 M-Files New Web versions prior to 22.12.12140.3 Description The issue allows rendering of HTML provided by another authenticated user in the browser, which can lead to the theft of user sensitive...
M-Files Web 跨站脚本漏洞
M-Files Web is an intelligent information management platform from M-Files USA, Inc. It is used to optimally support users in their daily work. A security vulnerability exists in M-Files New Web versions prior to 22.12.12140.3, which stems from the ability to render HTML provided by another...
CVE-2022-4264
Incorrect Privilege Assignment in M-Files Web Classic in M-Files before 22.8.11691.0 allows low privilege user to change some configuration...
CVE-2022-4264
Incorrect Privilege Assignment in M-Files Web Classic in M-Files before 22.8.11691.0 allows low privilege user to change some configuration...
CVE-2022-4264
Incorrect Privilege Assignment in M-Files Web Classic in M-Files before 22.8.11691.0 allows low privilege user to change some configuration...
CVE-2022-4264 Incorrect privilege assignment in M-Files Web Server
Incorrect Privilege Assignment in M-Files Web Classic in M-Files before 22.8.11691.0 allows low privilege user to change some configuration...
CVE-2022-4264 Incorrect privilege assignment in M-Files Web Server
Incorrect Privilege Assignment in M-Files Web Classic in M-Files before 22.8.11691.0 allows low privilege user to change some configuration...
M-Files Web 安全漏洞
M-Files Web is an intelligent information management platform from M-Files USA, Inc. It is used to optimally support users in their daily work. A security vulnerability exists in M-Files Web versions prior to 22.8.11691.0 that stems from incorrect privilege assignment. An attacker exploiting the...
PT-2022-26503
Name of the Vulnerable Software and Affected Versions M-Files versions prior to 22.8.11691.0 Description The issue allows a low privilege user to change some configuration due to incorrect privilege assignment in M-Files Web Classic. Recommendations For versions prior to 22.8.11691.0, update to...
CVE-2022-4270
Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before 22.5.11436.1 could have changed permissions accidentally...