209 matches found
CVE-2024-37311 Collabora Online's remote host TLS certificates are not fully verified
Collabora Online is a collaborative online office suite based on LibreOffice. In affected versions of Collabora Online, https connections from coolwsd to other hosts may incompletely verify the remote host's certificate's against the full chain of trust. This vulnerability is fixed in Collabora...
CVE-2024-37311 Collabora Online's remote host TLS certificates are not fully verified
Collabora Online is a collaborative online office suite based on LibreOffice. In affected versions of Collabora Online, https connections from coolwsd to other hosts may incompletely verify the remote host's certificate's against the full chain of trust. This vulnerability is fixed in Collabora...
CVE-2024-37311
CVE-2024-37311 affects Collabora Online. In affected versions, https connections from coolwsd to other hosts may incompletely verify the remote host’s certificate against the full chain of trust. The issue is fixed in Collabora Online versions 24.04.4.3, 23.05.14.1, and 22.05.23.1. Related source...
Collabora Online 安全漏洞
Collabora Online is an application from Collabora UK. A powerful LibreOffice-based online office that supports all major document, spreadsheet and presentation file formats. A security vulnerability exists in Collabora Online versions prior to 24.04.4.3, prior to 23.05.14.1, and prior to...
PT-2024-27470 · Collabora · Collabora Online
Name of the Vulnerable Software and Affected Versions: Collabora Online versions prior to 22.05.23.1 Collabora Online versions prior to 23.05.14.1 Collabora Online versions prior to 24.04.4.3 Description: In affected versions of Collabora Online, a collaborative online office suite based on...
CVE-2024-29182
Collabora Online is a collaborative online office suite based on LibreOffice. A stored cross-site scripting vulnerability was found in Collabora Online. An attacker could create a document with an XSS payload in document text referenced by field which, if hovered over to produce a tooltip, could ...
CVE-2024-29182 Collabora Online Stored Cross-Site-Scripting vulnerability via tooltip
Collabora Online is a collaborative online office suite based on LibreOffice. A stored cross-site scripting vulnerability was found in Collabora Online. An attacker could create a document with an XSS payload in document text referenced by field which, if hovered over to produce a tooltip, could ...
CVE-2024-29182 Collabora Online Stored Cross-Site-Scripting vulnerability via tooltip
Collabora Online is a collaborative online office suite based on LibreOffice. A stored cross-site scripting vulnerability was found in Collabora Online. An attacker could create a document with an XSS payload in document text referenced by field which, if hovered over to produce a tooltip, could ...
CVE-2024-29182 Collabora Online Stored Cross-Site-Scripting vulnerability via tooltip
Collabora Online is a collaborative online office suite based on LibreOffice. A stored cross-site scripting vulnerability was found in Collabora Online. An attacker could create a document with an XSS payload in document text referenced by field which, if hovered over to produce a tooltip, could ...
CVE-2024-29182
CVE-2024-29182 affects Collabora Online (LibreOffice-based online suite). The vulnerability is a stored cross-site scripting flaw where an attacker can embed an XSS payload in document text referenced by a field; when a user hovers the text to display a tooltip, the payload could execute in the u...
Collabora Online 跨站脚本漏洞
Collabora Online is a software application from Collabora UK. A powerful LibreOffice-based online office that supports all major document, spreadsheet and presentation file formats. A cross-site scripting vulnerability exists in Collabora Online version 23.05.10.1 and earlier, which stems from a...
PT-2024-22787
Name of the Vulnerable Software and Affected Versions Collabora Online versions prior to 23.05.10.1 Description A stored cross-site scripting issue was found in Collabora Online, a collaborative online office suite based on LibreOffice. An attacker could create a document with an XSS payload in...
CVE-2024-30265
Collabora Online is a collaborative online office suite based on LibreOffice technology. Any deployment of voilà dashboard allow local file inclusion. Any file on a filesystem that is readable by the user that runs the voilà dashboard server can be downloaded by someone with network access to the...
CVE-2024-30265 Voilà Local file inclusion
Collabora Online is a collaborative online office suite based on LibreOffice technology. Any deployment of voilà dashboard allow local file inclusion. Any file on a filesystem that is readable by the user that runs the voilà dashboard server can be downloaded by someone with network access to the...
CVE-2024-30265 Voilà Local file inclusion
Collabora Online is a collaborative online office suite based on LibreOffice technology. Any deployment of voilà dashboard allow local file inclusion. Any file on a filesystem that is readable by the user that runs the voilà dashboard server can be downloaded by someone with network access to the...
CVE-2024-30265 Voilà Local file inclusion
Collabora Online is a collaborative online office suite based on LibreOffice technology. Any deployment of voilà dashboard allow local file inclusion. Any file on a filesystem that is readable by the user that runs the voilà dashboard server can be downloaded by someone with network access to the...
CVE-2024-30265
CVE-2024-30265 affects Voilà (Voila dashboards) with a Local File Inclusion in the static route. The root cause is that StaticFileHandler is initialized with root '/' due to incorrect static_path handling, allowing an attacker to download any file readable by the server user over the network, dep...
Collabora Online 安全漏洞
Collabora Online is an application from Collabora UK. A powerful LibreOffice-based online office that supports all major document, spreadsheet and presentation file formats. A security vulnerability exists in Collabora Online version 0.0.2 and later, which stems from the presence of a local file...
Collabora CODE / Collabora Online < 21.11.9.4, 22.x < 22.05.22, 23.x < 23.05.9 Information Disclosure Vulnerability
Collabora CODE Collabora Online Development Edition and Collabora Online is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
CVE-2024-25114
Collabora Online is a collaborative online office suite based on LibreOffice technology. Each document in Collabora Online is opened by a separate "Kit" instance in a different "jail" with a unique directory "jailID" name. For security reasons, this directory name is randomly generated and should...