Insufficient Blacklisting in M-Files Web Companion: Remote Code Execution via Specific File Types
CVE-2023-5524 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Insufficient blacklisting in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution via specific file types
Learn more about our Web App Pen Testing.