This vulnerability has a CVSS score of 5.3 with a medium severity rating.
|FileCloud Versions 22.1 and earlier
|FileCloud Version 23.1 and later
In versions of Apache HTTP Server prior to 2.4.55, a malicious backend could cause response headers to be included in the response body, possibly causing the client to fail to process security-related responses.
These vulnerabilities have been fixed in FileCloud version 18.104.22.16895 which upgrades Apache HTTP Server to version 2.4.55.
What you should do to fix this vulnerability
- If you are using FileCloud Server, it is recommended that you update to the latest version, which is 22.214.171.12495 or greater. This will resolve the issue.
- If you are using FileCloud Online, your site has already been updated to the latest version.
If you have any questions about this advisory, please contact FileCloud support.