3 matches found
CVE-2022-47412 ONLYOFFICE Workspace Search Stored XSS
Given a malicious document provided by an attacker, the ONLYOFFICE Workspace DMS is vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition...
CVE-2022-47412
Technical details about CVE-2022-47412 are not publicly provided in the connected documents. Monitor for updates.
Multiple DMS XSS (CVE-2022-47412 through CVE-20222-47419)
Through the course of routine security testing and analysis, Rapid7 has discovered several issues in on-premises installations of open source and freemium Document Management System DMS offerings from four vendors. While all of the discovered issues are instances of CWE-79: Improper Neutralizatio...