6 matches found
EUVD-2021-30382
Malicious code in bioql PyPI...
CVE-2021-43449
ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Server-Side Request Forgery SSRF. The document editor service can be abused to read and serve arbitrary URLs as a document...
Server side request forgery (ssrf)
ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Server-Side Request Forgery SSRF. The document editor service can be abused to read and serve arbitrary URLs as a document...
CVE-2021-43449
CVE-2021-43449 affects ONLYOFFICE all versions as of 2021-11-08. The Document Editor service is vulnerable to Server-Side Request Forgery (SSRF), enabling reading and serving arbitrary URLs as documents. CVSS v3.1 base score 8.1 (HIGH) with NETWORK attack vector, LOW attack complexity, no privile...
ONLYOFFICE 代码问题漏洞
Ascensio System ONLYOFFICE is an office software from Ascensio System, Latvia. A security vulnerability exists in all versions of ONLYOFFICE prior to 2021-11-08 that stems from susceptibility to server-side request forgery SSRF attacks. The Document Editor service can be misused to read arbitrary...
CVE-2021-43449
ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Server-Side Request Forgery SSRF. The document editor service can be abused to read and serve arbitrary URLs as a document...