M-files M-files_web

4 CVEs affecting M-files M-files_web. Latest disclosed: 2025-04-04. Critical: 0, High: 3.

Top CVEs affecting M-files M-files_web
CVESeverityScorePublishedSummary
CVE-2021-41807High7.52022-01-18Lack of rate limiting in M-Files Server and M-Files Web products with versions before 21.12.10873.0 in certain type of user accounts allows unlimited amount of…
CVE-2021-37253High7.52021-12-05M-Files Web before 20.10.9524.1 allows a denial of service via overlapping ranges (in HTTP requests with crafted Range or Request-Range headers). NOTE: this is…
CVE-2021-37254High7.52021-10-28In M-Files Web product with versions before 20.10.9524.1 and 20.10.9445.0, a remote attacker could use a flaw to obtain unauthenticated access to 3rd party com…
CVE-2025-3087Medium5.42025-04-04Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts