From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability ID: CVE-2023-5523 2. Affected Products: - M-Files Web Companion before 23.10 - M-Files Web Companion before 23.8 LTS SR1 3. Description: An error in executing downloaded content in M-Files Web Companion versions prior to 23.10 and LTS service release prior to 23.8 LTS SR1 allows remote code execution. 4. Additional Information: - The vulnerability requires user interaction to be exploited. - The vulnerability has been fixed in versions 23.10 and 23.8 LTS SR1. - Web Companion is not included in the long-term service release 23.2, therefore it is not affected. - To resolve this vulnerability, M-Files Server must be updated, followed by updating Web Companion. Web Companion will not automatically update for installed users; users must accept the update prompt. - If Web Companion is not installed, the vulnerability does not apply even in M-Files releases prior to 23.10. 5. CVSS Score: - CVSS 3.1 Base Score: 8.6 - CVSS 3.1 Temporal Score: 7.7 6. CWE ID: CWE-829 Inclusion of Functionality from Untrusted Control Sphere 7. CAPEC ID: CAPEC-253 Remote Code Inclusion 8. Internal ID: 168401 9. Release Date: 2023-10-19 10. Disclosure Status: Not publicly disclosed 11. Exploitation Status: Not exploited 12. Exploit Likelihood: Low - Responsible Disclosure 13. Link: https://www.cve.org/CVERecord?id=CVE-2023-5523 14. History: Released on 2023-10-20 This information provides detailed descriptions, scope of impact, remediation status, and security ratings for the vulnerability.