We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Local File Inclusion vulnerability in M-Files Server in versions before 24.11 (excluding 24.8 SR1, 24.2 SR3 and 23.8 SR7) allows an authenticated user to read server local files of a limited set of filetypes via document preview.
Reserved 2024-10-18 | Published 2024-11-20 | Updated 2024-11-21 | Assigner M-Files CorporationCWE-552 Files or Directories Accessible to External Parties
Nicolò Vinci
product.m-files.com/security-advisories/CVE-2024-10126
Support options