5 matches found
CVE-2022-31024
richdocuments is the repository for NextCloud Collabra, the app for Nextcloud Office collaboration. Prior to versions 6.0.0, 5.0.4, and 4.2.6, a user could be tricked into working against a remote Office by sending them a federated share. richdocuments versions 6.0.0, 5.0.4 and 4.2.6 contain a fi...
CVE-2022-31024
The CVE-2022-31024 issue affects Nextcloud richdocuments (Collabora) where federated shares can cause a user to edit against a remote Office by default (iframe-based exploitation). Root cause: federation setup allows instructing a user’s editing session to target a different server. Affected vers...
CVE-2022-31024 Federated editing allows iframing remote servers by default in richdocuments
richdocuments is the repository for NextCloud Collabra, the app for Nextcloud Office collaboration. Prior to versions 6.0.0, 5.0.4, and 4.2.6, a user could be tricked into working against a remote Office by sending them a federated share. richdocuments versions 6.0.0, 5.0.4 and 4.2.6 contain a fi...
CVE-2022-31024 Federated editing allows iframing remote servers by default in richdocuments
richdocuments is the repository for NextCloud Collabra, the app for Nextcloud Office collaboration. Prior to versions 6.0.0, 5.0.4, and 4.2.6, a user could be tricked into working against a remote Office by sending them a federated share. richdocuments versions 6.0.0, 5.0.4 and 4.2.6 contain a fi...
CVE-2022-31024 Federated editing allows iframing remote servers by default in richdocuments
richdocuments is the repository for NextCloud Collabra, the app for Nextcloud Office collaboration. Prior to versions 6.0.0, 5.0.4, and 4.2.6, a user could be tricked into working against a remote Office by sending them a federated share. richdocuments versions 6.0.0, 5.0.4 and 4.2.6 contain a fi...