High severityNVD Advisory· Published Dec 19, 2025· Updated Apr 15, 2026
CVE-2025-13008
CVE-2025-13008
Description
An information disclosure vulnerability in M-Files Server before versions 25.12.15491.7, 25.8 LTS SR3, 25.2 LTS SR3 and 24.8 LTS SR5 allows an authenticated attacker using M-Files Web to capture session tokens of other active users.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: < 25.12.15491.7, < 25.8 LTS SR3, < 25.2 LTS SR3, < 24.8 LTS SR5
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.