4 matches found
CVE-2021-3199
Directory traversal with remote code execution can occur in /upload in ONLYOFFICE Document Server before 5.6.3, when JWT is used, via a /.. sequence in an image upload parameter...
CVE-2021-3199
Directory traversal with remote code execution can occur in /upload in ONLYOFFICE Document Server before 5.6.3, when JWT is used, via a /.. sequence in an image upload parameter...
CVE-2021-3199
Directory traversal with remote code execution can occur in /upload in ONLYOFFICE Document Server before 5.6.3, when JWT is used, via a /.. sequence in an image upload parameter...
CVE-2021-3199
CVE-2021-3199 is a path traversal/remote code execution vulnerability in ONLYOFFICE Document Server (pre-5.6.3). The issue arises in /upload when JWT is used, by exploiting a /.. sequence in an image upload parameter, enabling directory traversal and arbitrary code execution per the public CVE de...