CVE-2021-25830
ONLYOFFICE DocumentServer (core module) v4.2.0.236-v5.6.4.13 contains a file extension handling vulnerability triggered when converting a crafted file from DOCT to DOCX. The issue relies on a chain of two other bugs related to improper string handling and can lead to remote code execution on the ...