4 matches found
CVE-2024-44085
ONLYOFFICE Docs before 8.1.0 allows XSS via a GeneratorFunction Object attack against a macro. This is related to use of an immediately-invoked function expression (IIFE) for a macro. NOTE: this issue exists because of an incorrect fix for CVE-2021-43446 and CVE-2023-50883...
PT-2024-30941 · Onlyoffice · Onlyoffice Docs
Name of the Vulnerable Software and Affected Versions: ONLYOFFICE Docs versions prior to 8.1.0. Description: The issue is related to a cross-site scripting (XSS) flaw in ONLYOFFICE Docs, which occurs through a GeneratorFunction Object attack on a macro. This is connected to the use of an...
QBot Trojan delivered via malspam campaign exploiting US election uncertainties
This blog post was authored by Jérôme Segura and Hossein Jazi. The 2020 US elections have been the subject of intense scrutiny and emotions, while happening in the middle of a global pandemic. As election night ended and uncertainty regarding the results began to creep in, threat actors decided t...
PowerShell Downgrade Attack: Unicorn
Magic Unicorn is a simple tool for using a PowerShell downgrade attack and injecting shellcode straight into memory. Based on Matthew Graeber’s PowerShell attacks and the PowerShell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18. Usage ...