CVE-2021-25831
ONLYOFFICE DocumentServer (core module) vulnerability CVE-2021-25831 affects v4.0.0-9-v5.6.3. A file extension handling issue arises when converting a crafted PPTT file to PPTX, exploited through a chain of two other improper string handling bugs to achieve remote code execution on the server. Th...