CVE-2021-25833
An attackable bug in ONLYOFFICE DocumentServer is reported for the server module version 4.2.0.71-v5.6.0.21 where the file extension is controllable via request data, enabling arbitrary file overwriting and remote code execution. This vulnerability is described across multiple sources (NVD/CVE-20...