Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3.
History

Wed, 28 Aug 2024 10:45:00 +0000

Type Values Removed Values Added
Description Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3. Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: M-Files Corporation

Published: 2023-03-06T10:46:20.520Z

Updated: 2024-08-28T20:06:02.609Z

Reserved: 2022-12-30T13:51:58.099Z

Link: CVE-2022-4862

cve-icon Vulnrichment

Updated: 2024-08-03T01:55:45.786Z

cve-icon NVD

Status : Modified

Published: 2023-03-06T11:15:10.537

Modified: 2024-11-21T07:36:05.530

Link: CVE-2022-4862

cve-icon Redhat

No data.