Vulnerabilities

CVE-2025-13008

by Fred · 19/12/2025

An information disclosure vulnerability in M-Files Server before versions 25.12.15491.7, 25.8 LTS SR3, 25.2 LTS SR3 and 24.8 LTS SR5 allows an authenticated attacker using M-Files Web to capture session tokens of other active users.

More information : https://product.m-files.com/security-advisories/cve-2025-13008

Similar

Tags: Cybersecurity Alert