M-Files: >> Hubshare >> 3.3.10.9 Security Vulnerabilities
Stored HTML Injection in Social Module in M-Files Hubshare before version 5.0.8.6 allows authenticated user to spoof UI
CVSS Score
5.4
EPSS Score
0.002
Published
2024-10-02
Reflected XSS in M-Files Hubshare before version 5.0.6.0 allows an attacker to execute arbitrary JavaScript code in the context of the victim's browser session
CVSS Score
5.4
EPSS Score
0.001
Published
2024-07-29
Stored XSS in M-Files Hubshare versions before 5.0.6.0 allows an authenticated attacker to execute arbitrary JavaScript in user's browser session
CVSS Score
5.4
EPSS Score
0.001
Published
2024-07-29
Stored Cross-Site Scripting vulnerability in Social Module in M-Files Hubshare before version 5.0.6.0 allows authenticated attacker to run scripts in other users browser
CVSS Score
5.4
EPSS Score
0.007
Published
2024-05-24
Broken access controls on PDFtron data in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to access restricted PDF files via a known URL.
CVSS Score
8.2
EPSS Score
0.001
Published
2022-10-31
Broken access controls on PDFtron WebviewerUI in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to upload malicious files to the application server.
CVSS Score
6.3
EPSS Score
0.001
Published
2022-10-31