Insufficient blacklisting in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution via specific file types
History

Wed, 28 Aug 2024 19:30:00 +0000


Wed, 28 Aug 2024 09:45:00 +0000


Wed, 28 Aug 2024 08:30:00 +0000

Type Values Removed Values Added
Description Insufficient blacklisting in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution via specific file types Insufficient blacklisting in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution via specific file types
References

cve-icon MITRE

Status: PUBLISHED

Assigner: M-Files Corporation

Published: 2023-10-20T06:41:56.499Z

Updated: 2024-08-28T18:32:12.041Z

Reserved: 2023-10-11T13:31:23.607Z

Link: CVE-2023-5524

cve-icon Vulnrichment

Updated: 2024-08-02T07:59:44.751Z

cve-icon NVD

Status : Modified

Published: 2023-10-20T07:15:17.717

Modified: 2024-11-21T08:41:56.367

Link: CVE-2023-5524

cve-icon Redhat

No data.