Vulnerability Details CVE-2025-2091
An open redirection vulnerability in M-Files mobile applications for Android and iOS prior to version 25.6.0 allows attackers to use maliciously crafted PDF files to trick other users into making requests to untrusted URLs.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.1%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2025-2091
-
cpe:2.3:a:m-files:m-files_mobile:23.12.0
-
cpe:2.3:a:m-files:m-files_mobile:23.12.1
-
cpe:2.3:a:m-files:m-files_mobile:23.3.0
-
cpe:2.3:a:m-files:m-files_mobile:23.6.0
-
cpe:2.3:a:m-files:m-files_mobile:23.9.0
-
cpe:2.3:a:m-files:m-files_mobile:24.12.0
-
cpe:2.3:a:m-files:m-files_mobile:24.12.1
-
cpe:2.3:a:m-files:m-files_mobile:24.3.0
-
cpe:2.3:a:m-files:m-files_mobile:24.6.0
-
cpe:2.3:a:m-files:m-files_mobile:24.9.0
-
cpe:2.3:a:m-files:m-files_mobile:25.3.0
-
cpe:2.3:a:m-files:m-files_mobile:25.3.1
-
cpe:2.3:a:m-files:m-files_mobile:4.2.1
-
cpe:2.3:a:m-files:m-files_mobile:4.2.2
-
cpe:2.3:a:m-files:m-files_mobile:4.2.3
-
cpe:2.3:a:m-files:m-files_mobile:4.3.0
-
cpe:2.3:a:m-files:m-files_mobile:4.3.1
-
cpe:2.3:a:m-files:m-files_mobile:4.4.0
-
cpe:2.3:a:m-files:m-files_mobile:4.5.0
-
cpe:2.3:a:m-files:m-files_mobile:4.6.0
-
cpe:2.3:a:m-files:m-files_mobile:4.7.0
-
cpe:2.3:a:m-files:m-files_mobile:4.8.0
-
cpe:2.3:a:m-files:m-files_mobile:4.9.0
-
cpe:2.3:a:m-files:m-files_mobile:5.0.0