Spoofing Attack in M-Files Hubshare before version 5.0.8.6
CVE-2024-9174

6.9MEDIUM

Key Information:

Vendor: M-files Corporation
Status: M-files Hubshare
Vendor: CVE Published:; 2 October 2024

🔔 Create M-files Corporation Vulnerability Alert

What is CVE-2024-9174?

Stored HTML Injection in Social Module in M-Files Hubshare before version 5.0.8.6 allows authenticated user to spoof UI

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

M-Files Hubshare 0+ < 5.0.8.6

References

https://product.m-files.com/security-advisories/cve-2024-...

vendor-advisory

https://empower.m-files.com/security-advisories/CVE-2024-...

vendor-advisory

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Oct 2, 2024
Vulnerability Reserved
Sep 25, 2024

Credit

Wesley R @ Resillion

JSON

M-files Corporation