Headline
CVE-2022-39019: Broken access controls on PDFtron WebviewerUI in M-Files Hubshare
Broken access controls on PDFtron WebviewerUI in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to upload malicious files to the application server.
Discovered by Michael Newton on behalf of The Missing Link Security
Vulnerability Details
Broken access controls on PDFtron WebviewerUI in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to upload malicious files to the application server.
Affected Versions
Discovered in: 3.3.1.6
Fixed Versions
Fixed in: 3.3.11.3