Stored XSS in M-Files Hubshare versions before 5.0.6.0 allows an authenticated attacker to execute arbitrary JavaScript in user's browser session
References
Configurations
History
27 Aug 2024, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
08 Aug 2024, 20:24
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.m-files.com/about/trust-center/security-advisories/cve-2024-6881/ - Vendor Advisory | |
CPE | cpe:2.3:a:m-files:hubshare:*:*:*:*:*:*:*:* | |
First Time |
M-files hubshare
M-files |
|
Summary |
|
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
29 Jul 2024, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-29 13:15
Updated : 2024-08-27 11:15
NVD link : CVE-2024-6881
Mitre link : CVE-2024-6881
CVE.ORG link : CVE-2024-6881
JSON object : View
Products Affected
m-files
- hubshare
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')