cvedb.io
CVE-2023-2480
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2023-05-25T14:15:10.120 · Last modified 2026-06-17T05:52:41.127

Summary

Missing access permissions checks in M-Files Client before 23.5.12598.0 (excluding 23.2 SR2 and newer) allows elevation of privilege via UI extension applications

Affected products

m-files — m-files

Does this affect you?

Add your gear to cvedb and we'll alert you only when m-files ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.