CVSS4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
PASSIVE
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/SC:N/VI:H/SI:N/VA:N/SA:N/U:Clear/RE:M
AI Score
Confidence
High
EPSS
Percentile
14.5%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Stored XSS in M-Files Hubshare versions before 5.0.6.0 allows an authenticated attacker to execute arbitrary JavaScript in user’s browser session
CVSS4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
PASSIVE
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/SC:N/VI:H/SI:N/VA:N/SA:N/U:Clear/RE:M
AI Score
Confidence
High
EPSS
Percentile
14.5%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial