6 matches found
EUVD-2021-30382
Malicious code in bioql PyPI...
CVE-2021-43449
ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Server-Side Request Forgery SSRF. The document editor service can be abused to read and serve arbitrary URLs as a document...
Server side request forgery (ssrf)
ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Server-Side Request Forgery SSRF. The document editor service can be abused to read and serve arbitrary URLs as a document...
ONLYOFFICE 代码问题漏洞
Ascensio System ONLYOFFICE is an office software from Ascensio System, Latvia. A security vulnerability exists in all versions of ONLYOFFICE prior to 2021-11-08 that stems from susceptibility to server-side request forgery SSRF attacks. The Document Editor service can be misused to read arbitrary...
CVE-2021-43449
ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Server-Side Request Forgery SSRF. The document editor service can be abused to read and serve arbitrary URLs as a document...
CVE-2021-43449
CVE-2021-43449 affects ONLYOFFICE all versions as of 2021-11-08. The Document Editor service is vulnerable to Server-Side Request Forgery (SSRF), enabling reading and serving arbitrary URLs as documents. CVSS v3.1 base score 8.1 (HIGH) with NETWORK attack vector, LOW attack complexity, no privile...