Advisory 2023-06/03 Denial of Service Vulnerability

Vulnerability type

Regular expression denial of service attack vulnerability

Severity factors

This vulnerability has a CVSS score of 7.5 with a high severity rating.

Versions affected

FileCloud Versions 22.1 and earlier

Version fixed

FileCloud Version 23.1 and later

Description

In versions of the http-cache-semantics Node module lower than 4.1.1, malicious header values could be sent to the server.
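To check your own Node.js projects for the affected module versions, the following added example (not FileCloud's code) scans a parsed `package-lock.json` for copies of http-cache-semantics lower than 4.1.1. The function names and the sample lockfile are constructed for illustration.

```javascript
const FIXED = [4, 1, 1]; // first fixed version, per the advisory
const NAME = 'http-cache-semantics';

// Parse "major.minor.patch" (ignoring any pre-release/build suffix) into numbers.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(String(v));
  return m ? m.slice(1).map(Number) : null;
}

function isVulnerable(version) {
  const p = parseVersion(version);
  if (!p) return true; // missing or unparseable version: flag for manual review
  for (let i = 0; i < 3; i++) {
    if (p[i] !== FIXED[i]) return p[i] < FIXED[i];
  }
  return false; // exactly 4.1.1
}

// Collect every installed copy, from lockfileVersion 2/3 ("packages") or 1 ("dependencies").
function findCopies(lock) {
  const found = [];
  if (lock.packages) {
    for (const [path, info] of Object.entries(lock.packages)) {
      if (path.endsWith('node_modules/' + NAME)) found.push({ path, version: info.version });
    }
  } else {
    const walk = (deps, trail) => {
      for (const [name, info] of Object.entries(deps || {})) {
        const path = trail + 'node_modules/' + name;
        if (name === NAME) found.push({ path, version: info.version });
        walk(info.dependencies, path + '/'); // nested copies pinned by other packages
      }
    };
    walk(lock.dependencies, '');
  }
  return found;
}

const audit = (lock) => findCopies(lock).filter((c) => isVulnerable(c.version));

// Constructed sample lockfile (not from FileCloud): one patched copy, one nested old copy.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    'node_modules/http-cache-semantics': { version: '4.1.1' },
    'node_modules/got/node_modules/http-cache-semantics': { version: '3.8.1' },
  },
};
console.log(audit(sampleLock));
```

In a real project, pass `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))` to `audit`; nested copies matter because a transitive dependency can pin an old version even when the top-level copy is patched.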

Fix

These vulnerabilities have been fixed in FileCloud version 23.1.0.22595, which uses a newer version of the JS library to build the user interface.

What you should do to fix this vulnerability

  • If you are using FileCloud Server, it is recommended that you update to the latest version, which is 23.1.0.22595 or greater. This will resolve the issue.

  • If you are using FileCloud Online, your site has already been updated to the latest version.

If you have any questions about this advisory, please contact FileCloud support.