exploitDog

GHSA-525r-jw95-mh3f

Опубликовано: 16 июн. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 4.8

CVSS3: 5.4

Описание

An open redirection vulnerability in M-Files mobile applications for Android and iOS prior to version 25.6.0 allows attackers to use maliciously crafted PDF files to trick other users into making requests to untrusted URLs.

An open redirection vulnerability in M-Files mobile applications for Android and iOS prior to version 25.6.0 allows attackers to use maliciously crafted PDF files to trick other users into making requests to untrusted URLs.

Ссылки

EPSS

Процентиль: 9%

0.00031

Низкий

4.8 Medium

CVSS4

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-601

Связанные уязвимости

CVE-2025-2091

CVSS3: 5.4

nvd

8 месяцев назад

An open redirection vulnerability in M-Files mobile applications for Android and iOS prior to version 25.6.0 allows attackers to use maliciously crafted PDF files to trick other users into making requests to untrusted URLs.

EPSS

Процентиль: 9%

0.00031

Низкий

4.8 Medium

CVSS4

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-601