Path equivalence: vulnerability in Progress MOVEit Transfer (File Upload modules).
This issue affects MOVEit Transfer: before 2025.0.8, from 2025.1.0 before 2025.1.4.
Improper Neutralization of Special Elements in Data Query Logic vulnerability in Progress MOVEit Transfer (Custom Reports modules).
This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3.
Relative path traversal vulnerability in Progress MOVEit Transfer (Admin Settings module).
This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3.
Limited authentication bypass by spoofing vulnerability in Progress MOVEit Transfer (HTTPS module).
This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3.
Incorrect Authorization vulnerability in Progress MOVEit Transfer (Audit User module).
This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3.
Improper Neutralization of Special Elements in Data Query Logic vulnerability in Progress MOVEit Transfer (Custom Reports modules).
This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.8, from 2025.1.0 before 2025.1.4, from 2026.0.0 before 2026.0.1.
Missing release of memory after effective lifetime vulnerability in Progress MOVEit Transfer (Custom Reports modules).
This issue affects MOVEit Transfer: from 2025.0.0 before 2025.0.8, from 2025.1.0 before 2025.1.4, from 2026.0.0 before 2026.0.1.
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Progress MOVEit Transfer (Ad Hoc module).
This issue affects MOVEit Transfer: from 2026.0.0 before 2026.0.1, from 2025.1.0 before 2025.1.4, from 2025.0.0 before 2025.0.8.
Unverified Password Change vulnerability in Progress MOVEit Transfer on Windows (REST API modules).This issue affects MOVEit Transfer: from 2023.1.0 before 2023.1.3, from 2023.0.0 before 2023.0.8, from 2022.1.0 before 2022.1.11, from 2022.0.0 before 2022.0.10.
Server-Side Request Forgery (SSRF) vulnerability in Progress MOVEit Transfer.This issue affects MOVEit Transfer: before 2024.1.8, from 2025.0.0 before 2025.0.4.