Hubshare

Oct 31, 2022 Exploit M-Files Hubshare

CVE-2022-39019 - Broken Access Controls on PDFtron WebviewerUI in M-Files Hubshare before 3.3.11.3 Lead to Unauthenticated Malicious File Uploads

In this long-read post, we will dive into the details of CVE-2022-39019, a recently discovered critical vulnerability in M-Files Hubshare. Before version 3.3.11.

Oct 31, 2022 XSS Exploit M-Files Hubshare

CVE-2022-39017: Improper Input Validation and Output Encoding in M-Files Hubshare before 3.3.10.9 Leads to Cross-Site Scripting (XSS) Vulnerability

CVE-2022-39017 refers to a vulnerability found in all comment fields in M-Files Hubshare versions before 3.3.10.9. The root cause of this vulnerability