CVE-2024-6124

Reflected XSS in M-Files Hubshare before version 5.0.6.0 allows an attacker to execute arbitrary JavaScript code in the context of the victim's browser session
Configurations

Configuration 1 (hide)

cpe:2.3:a:m-files:hubshare:*:*:*:*:*:*:*:*

History

27 Aug 2024, 11:15

Type Values Removed Values Added
References
  • {'url': 'https://www.m-files.com/about/trust-center/security-advisories/cve-2024-6124/', 'tags': ['Vendor Advisory'], 'source': 'security@m-files.com'}
  • () https://product.m-files.com/security-advisories/cve-2024-6124/ -

08 Aug 2024, 20:24

Type Values Removed Values Added
References () https://www.m-files.com/about/trust-center/security-advisories/cve-2024-6124/ - () https://www.m-files.com/about/trust-center/security-advisories/cve-2024-6124/ - Vendor Advisory
First Time M-files hubshare
M-files
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.4
Summary
  • (es) XSS reflejado en M-Files Hubshare anterior a la versión 5.0.6.0 permite a un atacante ejecutar código JavaScript arbitrario en el contexto de la sesión del navegador de la víctima
CPE cpe:2.3:a:m-files:hubshare:*:*:*:*:*:*:*:*

29 Jul 2024, 13:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-29 13:15

Updated : 2024-08-27 11:15


NVD link : CVE-2024-6124

Mitre link : CVE-2024-6124

CVE.ORG link : CVE-2024-6124


JSON object : View

Products Affected

m-files

  • hubshare
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')