Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web prior to 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: prior to 22.12.12140.3.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
m-files m-files server |