Primary

Context

FileCloud Stored Cross-Site Scripting Vulnerability in Approval Function

Vulnerability

Patched

A stored cross-site scripting vulnerability has been identified in FileCloud version 23.241.2. This vulnerability allows attackers to execute arbitrary web scripts or HTML by sending a crafted payload through the 'Send for Approval' function.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user.

Remediation

Users can upgrade to FileCloud version 23.241.3 to address this vulnerability. Upgrade instructions are available in the FileCloud Administrator Guide.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

1.0

exploitability

6.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.1

impact

1.0

exploitability

6.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

FileCloud Stored Cross-Site Scripting Vulnerability in Approval Function

Vulnerability

Impact

Remediation

Affected Products

FileCloud

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating