Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information.
This issue affects M-Files New Web: before 22.12.12140.3.
Metrics
Affected Vendors & Products
References
History
Wed, 28 Aug 2024 10:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3. | Rendering of HTML provided by another authenticated user is possible in browser on M-Files Web before 22.12.12140.3. This allows the content to steal user sensitive information. This issue affects M-Files New Web: before 22.12.12140.3. |
References |
|
MITRE
Status: PUBLISHED
Assigner: M-Files Corporation
Published: 2023-03-06T10:46:20.520Z
Updated: 2024-08-28T20:06:02.609Z
Reserved: 2022-12-30T13:51:58.099Z
Link: CVE-2022-4862
Vulnrichment
Updated: 2024-08-03T01:55:45.786Z
NVD
Status : Modified
Published: 2023-03-06T11:15:10.537
Modified: 2024-11-21T07:36:05.530
Link: CVE-2022-4862
Redhat
No data.