Описание
An information disclosure vulnerability in M-Files Server before versions 25.12.15491.7, 25.8 LTS SR3, 25.2 LTS SR3 and 24.8 LTS SR5 allows an authenticated attacker using M-Files Web to capture session tokens of other active users.
EPSS
Процентиль: 17%
0.00054
Низкий
Дефекты
CWE-359
Связанные уязвимости
github
около 2 месяцев назад
An information disclosure vulnerability in M-Files Server before versions 25.12.15491.7, 25.8 LTS SR3, 25.2 LTS SR3 and 24.8 LTS SR5 allows an authenticated attacker using M-Files Web to capture session tokens of other active users.
EPSS
Процентиль: 17%
0.00054
Низкий
Дефекты
CWE-359