Emma Kantanen

Researcher fromWithSecure
#15873of 53,639
17Total CVSS
Vulnerabilities · 2
High
2
PT-2024-37400
8.5
2024-07-29
M Files · M-Files Hubshare · CVE-2024-6124
Name of the Vulnerable Software and Affected Versions: M-Files Hubshare versions prior to 5.0.6.0 Description: The issue allows an attacker to execute arbitrary JavaScript code in the context of the victim's browser session. This is achieved through a reflected XSS attack. Recommendations: For versions prior to 5.0.6.0, update to version 5.0.6.0 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the application to minimize the risk of exploitation.
PT-2024-37924
8.5
2024-07-29
M Files · M-Files Hubshare · CVE-2024-6881
**Name of the Vulnerable Software and Affected Versions** M-Files Hubshare versions prior to 5.0.6.0 **Description** The issue allows an authenticated attacker to execute arbitrary JavaScript in a user's browser session. This is achieved through a stored XSS attack. **Recommendations** For versions prior to 5.0.6.0, update to version 5.0.6.0 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the application to minimize the risk of exploitation.