Claris Filemaker Server

8 CVEs affecting Claris Filemaker Server. Latest disclosed: 2026-02-24. Critical: 1, High: 1.

Top CVEs affecting Claris Filemaker Server
CVESeverityScorePublishedSummary
CVE-2025-46295Critical9.82025-12-16Apache Commons Text versions prior to 1.10.0 included interpolation features that could be abused when applications passed untrusted input into the text-substi…
CVE-2024-27790High7.52024-05-14Claris International has resolved an issue of potentially allowing unauthorized access to records stored in databases hosted on FileMaker Server. This issue ha…
CVE-2025-46320Medium6.12026-02-24A cross-site scripting (XSS) vulnerability in a FileMaker WebDirect custom homepage could lead to unauthorized access and remote code execution. This vulnerabi…
CVE-2024-27794Medium6.12024-04-15Claris FileMaker Server before version 20.3.2 was susceptible to a reflected Cross-Site Scripting vulnerability due to an improperly handled parameter in the F…
CVE-2025-46296Medium5.42025-12-16An authorization bypass vulnerability in FileMaker Server Admin Console allowed administrator roles with minimal privileges to access administrative features s…
CVE-2025-46294Medium5.32025-12-16To enhance security, the FileMaker Server 22.0.4 installer now includes an option to disable IIS short filename enumeration by setting NtfsDisable8dot3NameCrea…
CVE-2023-42955Medium4.92024-05-14Claris International has successfully resolved an issue of potentially exposing password information to front-end websites when signed in to the Admin Console…
CVE-2023-42954Medium4.92024-03-21A privilege escalation issue existed in FileMaker Server, potentially exposing sensitive information to front-end websites when signed in to the Admin Console…