SSRF vulnerability in M-Files Server products with versions before 22.1.11017.1, in a preview function allowed making queries from the server with certain document types referencing external entities.
References
Link | Resource |
---|---|
https://www.m-files.com/about/trust-center/security-vulnerabilities/cve-2021-41809/ | Vendor Advisory |
Configurations
Information
Published : 2022-01-18 09:15
Updated : 2022-01-25 18:10
NVD link : CVE-2021-41809
Mitre link : CVE-2021-41809
JSON object : View
CWE
CWE-918
Server-Side Request Forgery (SSRF)
Products Affected
m-files
- m-files_server