3 matches found
CVE-2024-45045 JavaScript Injection via url encoded values in links in Collabora Office Android
Collabora Online is a collaborative online office suite based on LibreOffice technology. In the mobile Android/iOS device variants of Collabora Online it was possible to inject JavaScript via url encoded values in links contained in documents. Since the Android JavaScript interface allows access ...
CVE-2024-45045 JavaScript Injection via url encoded values in links in Collabora Office Android
Collabora Online is a collaborative online office suite based on LibreOffice technology. In the mobile Android/iOS device variants of Collabora Online it was possible to inject JavaScript via url encoded values in links contained in documents. Since the Android JavaScript interface allows access ...
The vulnerability of the application-collabora office package of the XWiki Platform, a platform for creating collaborative web applications. This vulnerability allows an attacker to open arbitrary Office attachments during viewing or editing mode.
The vulnerability of the application-collabora office package of the XWiki Platform, a platform for creating collaborative web applications, is related to errors in the use of standard permissions. Exploiting this vulnerability allows a malicious actor to open arbitrary Office attachments during...