logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2021-43446

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2021-43446

Description:
ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Cross Site Scripting (XSS). The "macros" feature of the document editor allows malicious cross site scripting payloads to be used.
Last updated date:
01/31/2023
Type:
exploit
Confidence:
HIGH
Date of publishing:
01/31/2023
Reference url to background

https://labs.nettitude.com/blog/exploiting-onlyoffice-web-sockets-for-unauthenticated-remote-code-execution/

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy