59 matches found
CVE-2025-68936
ONLYOFFICE Docs before 9.2.1 allows XSS via the Color theme name. This is related to DocumentServer...
CVE-2025-68935
ONLYOFFICE Docs before 9.2.1 allows XSS via the Font field for the Multilevel list settings window. This is related to DocumentServer...
EUVD-2025-205392
ONLYOFFICE Docs before 9.2.1 allows XSS via the Color theme name. This is related to DocumentServer...
EUVD-2025-205393
ONLYOFFICE Docs before 9.2.1 allows XSS via the Font field for the Multilevel list settings window. This is related to DocumentServer...
CVE-2025-68917
ONLYOFFICE Docs before 9.2.1 allows XSS in the textarea of the comment editing form. This is related to DocumentServer...
CVE-2025-68935
ONLYOFFICE Docs before 9.2.1 allows XSS via the Font field for the Multilevel list settings window. This is related to DocumentServer...
CVE-2025-68936
ONLYOFFICE Docs before 9.2.1 allows XSS via the Color theme name. This is related to DocumentServer...
CVE-2025-68936
Summary: CVE-2025-68936 affects ONLYOFFICE Docs prior to 9.2.1 (DocumentServer relation) and is referenced across multiple feeds as a cross-site scripting (XSS) vulnerability. Affected software: ONLYOFFICE Docs (DocumentServer component referenced in the CVE). Vulnerability details: XSS via the C...
CVE-2025-68936
ONLYOFFICE Docs before 9.2.1 allows XSS via the Color theme name. This is related to DocumentServer...
CVE-2025-68936
ONLYOFFICE Docs before 9.2.1 allows XSS via the Color theme name. This is related to DocumentServer...
CVE-2025-68935
ONLYOFFICE Docs before 9.2.1 allows XSS via the Font field for the Multilevel list settings window. This is related to DocumentServer...
CVE-2025-68935
ONLYOFFICE Docs before 9.2.1 allows XSS via the Font field for the Multilevel list settings window. This is related to DocumentServer...
CVE-2025-68935
ONLYOFFICE Docs prior to version 9.2.1 is affected by a cross-site scripting (XSS) vulnerability in the Multilevel list settings window’s Font field, related to DocumentServer. The issue is confirmed across multiple sources (including Red Hat, EUVD, NVD, OSV, CVE lists) and lists the vulnerable c...
ONLYOFFICE Docs 跨站脚本漏洞
ONLYOFFICE Docs is an online office software from ONLYOFFICE, Inc. A cross-site scripting vulnerability exists in versions of ONLYOFFICE Docs prior to 9.2.1, which stems from improper handling of the Font field in the Multi-Level List Settings window, which could lead to a cross-site scripting...
ONLYOFFICE Docs 跨站脚本漏洞
ONLYOFFICE Docs is an online office software from ONLYOFFICE, Inc. A cross-site scripting vulnerability exists in versions of ONLYOFFICE Docs prior to 9.2.1, which stems from mishandling of Color subject names and could lead to cross-site scripting attacks...
CVE-2025-68917
ONLYOFFICE Docs before 9.2.1 allows XSS in the textarea of the comment editing form. This is related to DocumentServer...
CVE-2025-68917
CVE-2025-68917 affects ONLYOFFICE Docs (DocumentServer) prior to version 9.2.1. The issue is a cross-site scripting (XSS) vulnerability in the textarea of the comment editing form. Root cause details are not elaborated beyond the XSS in the description, but multiple sources confirm the affected p...
CVE-2025-68917
ONLYOFFICE Docs before 9.2.1 allows XSS in the textarea of the comment editing form. This is related to DocumentServer...
CVE-2025-68917
ONLYOFFICE Docs before 9.2.1 allows XSS in the textarea of the comment editing form. This is related to DocumentServer...
ONLYOFFICE Docs 跨站脚本漏洞
ONLYOFFICE Docs is an online office software from ONLYOFFICE, Inc. A cross-site scripting vulnerability exists in ONLYOFFICE Docs versions prior to 9.2.1, which stems from cross-site scripting in the textarea of the comment edit form...