GCVE - cpe:2.3:a:m-files_corporation:hubshare:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:m-files_corporation:hubshare:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	M Files Corporation (`2362f32a-0a24-5310-a96b-161849f50ffc`)
Product	Hubshare (`10bb8eba-b59f-5d1b-9db1-f0f77c28f542`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-9826`	vulnerable	2026-06-08 07:47:10.006656	Details available Stored cross-site scripting vulnerability in M-Files Hubshare before version 25.8 allows authenticated attackers to cause script execution for other users. Published: 2025-09-15T10:15:15.855Z Updated: 2026-02-23T10:32:58.235Z Open on db.gcve.eu Reference links https://product.m-files.com/security-advisories/cve-2025-9826/ https://empower.m-files.com/security-advisories/CVE-2025-9826	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-6881`	vulnerable	2026-06-08 06:58:20.644779	Stored XSS Vulnerability Stored XSS in M-Files Hubshare versions before 5.0.6.0 allows an authenticated attacker to execute arbitrary JavaScript in user's browser session Published: 2024-07-29T12:56:51.695Z Updated: 2026-02-23T10:18:02.562Z Open on db.gcve.eu Reference links https://product.m-files.com/security-advisories/cve-2024-6881/ https://empower.m-files.com/security-advisories/CVE-2024-6881	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-6124`	vulnerable	2026-06-08 06:58:17.891706	Reflected XSS in Hubshare via Open Redirect Reflected XSS in M-Files Hubshare before version 5.0.6.0 allows an attacker to execute arbitrary JavaScript code in the context of the victim's browser session Published: 2024-07-29T13:00:33.825Z Updated: 2026-02-23T10:12:11.711Z Open on db.gcve.eu Reference links https://product.m-files.com/security-advisories/cve-2024-6124/ https://empower.m-files.com/security-advisories/CVE-2024-6124	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-5142`	vulnerable	2026-06-08 06:56:14.977290	XSS in Hubshare's social module Stored Cross-Site Scripting vulnerability in Social Module in M-Files Hubshare before version 5.0.6.0 allows authenticated attacker to run scripts in other users browser Published: 2024-05-24T05:58:41.316Z Updated: 2026-02-23T10:11:26.951Z Open on db.gcve.eu Reference links https://product.m-files.com/security-advisories/cve-2024-5142/ https://empower.m-files.com/security-advisories/CVE-2024-5142	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.