M-Files Mobile Open Redirection Vulnerability

Vulnerability

A vulnerability allowing open redirection has been identified in M-Files mobile applications for Android and iOS, prior to version 25.6.0. This vulnerability allows attackers to use specially crafted PDF files to deceive users into clicking links that lead to untrusted URLs. The issue requires the attacker to be an authenticated user who can upload content to the vault, and it also necessitates user interaction from the victim.

Impact

Exploitation of this vulnerability could lead to open redirection, where users are tricked into visiting malicious websites, potentially causing harm or compromising their information.

Added: Jun 16, 2025, 9:22 AM

Updated: Jun 16, 2025, 9:22 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.8

exploitability

5.0

remediation

7.7

relevance

0.2

threat

0.0

urgency

1.4

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.8

exploitability

5.0

remediation

7.7

relevance

0.2

threat

0.0

urgency

1.4

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

M-Files Mobile Open Redirection Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating