Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Javascript injection in PDFtron in M-Files Hubshare
Vulnerability Description
Javascript injection in PDFtron in M-Files Hubshare before 3.3.10.9 allows authenticated attackers to perform an account takeover via a crafted PDF upload.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
Vulnerability Type
输入验证不恰当
Vulnerability Title
M-Files Hubshare 注入漏洞
Vulnerability Description
M-Files Hubshare是M-Files公司的一个协作解决方案。旨在无缝共享文件、文档和协作内容。 M-Files Hubshare 3.3.10.9之前的版本存在安全漏洞,该漏洞源于其PDFtron允许经过身份验证的攻击者通过注入javascript上传精心制作的PDF实现帐户接管。
CVSS Information
N/A
Vulnerability Type
N/A