CVE-2024-9174: Stored HTML Injection in Hubshare Social module DESCRIPTION Stored HTML Injection in Social Module in M-Files Hubshare before version 5.0.8.6 allows authenticated user to spoof UI elements AFFECTED PRODUCTS M-Files Hubshare before 5.0.8.6 MORE INFORMATION When social module is enabled and non-admin users are allowed to create chats, a HTML Injection allowed an authenticated … Continue reading CVE-2024-9174