Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
M-Files Web Companion allows Remote Code Execution
Vulnerability Description
Execution of downloaded content flaw in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
从非可信控制范围包含功能例程
Vulnerability Title
M-Files Web 跨站脚本漏洞
Vulnerability Description
M-Files Web是美国M-Files公司的一个智能信息管理平台。用于优化支持用户日常工作。 M-Files Web 23.10 之前存在跨站脚本漏洞,该漏洞源于执行下载内容存在缺陷,允许远程执行代码。
CVSS Information
N/A
Vulnerability Type
N/A