Vulnerabilities > M Files > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-02 | CVE-2022-4270 | Improper Privilege Management vulnerability in M-Files Server 22.2.11051.0/22.3.11237.3 Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before 22.5.11436.1 could have changed permissions accidentally. | 2.6 |
| 2022-05-02 | CVE-2021-41810 | Cross-site Scripting vulnerability in M-Files Server Admin tool allows storing configuration data with script which may then get run by another vault administrator. | 3.5 |
| 2022-01-18 | CVE-2021-41808 | Information Exposure Through Log Files vulnerability in M-Files Server In M-Files Server product with versions before 21.11.10775.0, enabling logging of Federated authentication to event log wrote sensitive information to log. | 1.9 |