M-Files Web prior to 20.10.9524.1 allows a denial of service via overlapping ranges (in HTTP requests with crafted Range or Request-Range headers). NOTE: this is disputed because the range behavior is the responsibility of the web server, not the responsibility of the individual web application
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
m-files m-files web |