CVE-2021-41809

Summary

SSRF vulnerability in M-Files Server products with versions before 22.1.11017.1, in a preview function allowed making queries from the server with certain document types referencing external entities.

Affected Software

VendorProductVersion RangeStatus
M-FilesM-Files ServerOnline < 22.1.11017.1affected

Weaknesses

  • CWE-918: CWE-918 Server-Side Request Forgery (SSRF)

ADP Enrichment

CVE Program Container

Additional References

References