Script injection in M-Files Admin versions before 22.2.11051.0, allows executing stored script in admin tool. M-Files Admin tool allows storing configuration data with script which may then get run by another vault administrator. Requires vault admin level authentication and is not remotely exploitable
Add your gear to cvedb and we'll alert you only when m-files ships something exploited.
Check my exposure →This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.