A critical security vulnerability in M-Files Server could allow authenticated attackers to capture active user session tokens via the M-Files Web interface, enabling identity impersonation and unauthorized access to sensitive information. The flaw, tracked as CVE-2025-13008, was disclosed on December 19, 2025, and affects multiple M-Files Server versions deployed across enterprise environments. Field Details CVE […]

The post M-Files Vulnerability Allows Attackers to Steal Active User Session Tokens appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/m-files-vulnerability/