Vulnerabilities > M Files > Classic WEB > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-20 | CVE-2023-2325 | Cross-site Scripting vulnerability in M-Files Classic web 23.2/23.6.12695.3/23.8 Stored XSS Vulnerability in M-Files Classic Web versions before 23.10 and LTS Service Release Versions before 23.2 LTS SR4 and 23.8 LTS SR1allows attacker to execute script on users browser via stored HTML document. | 5.4 |
| 2023-08-25 | CVE-2023-3406 | Path Traversal vulnerability in M-Files Classic web 23.2 Path Traversal issue in M-Files Classic Web versions below 23.6.12695.3 and LTS Service Release Versions before 23.2 LTS SR3 allows authenticated user to read some restricted files on the web server | 6.5 |
| 2023-08-25 | CVE-2023-3425 | Out-of-bounds Read vulnerability in M-Files Classic web 23.2 Out-of-bounds read issue in M-Files Server versions below 23.8.12892.6 and LTS Service Release Versions before 23.2 LTS SR3 allows unauthenticated user to read restricted amount of bytes from memory. | 5.3 |