GCVE - cpe:2.3:a:m-files:m-files:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:m-files:m-files:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	M Files (`eb040204-ad59-500e-add5-a0873eedc68c`)
Product	M Files (`b1be926f-9094-50f2-a015-b059fe708b27`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-4479`	vulnerable	2026-06-08 06:16:12.532535	Stored XSS Vulnerability in M-Files Web HIGH (7.3) Stored XSS Vulnerability in M-Files Web versions before 23.8 allows attacker to execute script on users browser via stored HTML document within limited time period. Published: 2024-03-04T07:17:20.299Z Updated: 2026-02-23T08:50:20.782Z Open on db.gcve.eu Reference links https://product.m-files.com/security-advisories/cve-2023-4479/ https://empower.m-files.com/security-advisories/CVE-2023-4479	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-2480`	vulnerable	2026-06-08 06:02:42.378592	Elevation of Privilege in M-Files Desktop Client HIGH (7.5) Missing access permissions checks in M-Files Client before 23.5.12598.0 (excluding 23.2 SR2 and newer) allows elevation of privilege via UI extension applications Published: 2023-05-25T13:28:29.204Z Updated: 2026-02-23T08:42:43.815Z Open on db.gcve.eu Reference links https://product.m-files.com/security-advisories/cve-2023-2480/ https://empower.m-files.com/security-advisories/CVE-2023-2480	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-0213`	vulnerable	2026-06-08 05:52:04.529898	Local Elevation of Privilege in M-Files HIGH (8.8) Elevation of privilege issue in M-Files Installer versions before 22.6 on Windows allows user to gain SYSTEM privileges via DLL hijacking. Published: 2023-03-29T10:22:45.724Z Updated: 2026-02-23T08:23:13.658Z Open on db.gcve.eu Reference links https://product.m-files.com/security-advisories/cve-2023-0213/ https://empower.m-files.com/security-advisories/CVE-2023-0213	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-4264`	vulnerable	2026-06-08 05:51:37.084425	Incorrect privilege assignment in M-Files Web Server MEDIUM (6.5) Incorrect Privilege Assignment in M-Files Web (Classic) in M-Files before 22.8.11691.0 allows low privilege user to change some configuration. Published: 2022-12-09T14:08:40.778Z Updated: 2026-02-23T07:59:22.697Z Open on db.gcve.eu Reference links https://www.m-files.com/about/trust-center/security-advisories/cve-2022-4264/ https://product.m-files.com/security-advisories/cve-2022-4264/ https://empower.m-files.com/security-advisories/CVE-2022-4264	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.