PT-2023-28950 · Devolutions · Devolutions Remote Desktop Manager

Name of the Vulnerable Software and Affected Versions: Devolutions Remote Desktop Manager versions 2023.2.19 and earlier Description: Inadequate validation of permissions when employing remote tools and macros within the software permits a user to initiate a connection without proper execution...

ONLYOFFICE 跨站脚本漏洞

Ascensio System ONLYOFFICE is an office software from Ascensio System, Latvia. A security vulnerability exists in all versions of ONLYOFFICE prior to 2021-11-08 that stems from vulnerability to cross-site scripting XSS attacks. The "macros" feature of the document editor allows the use of malicio...

PT-2023-12450 · Unknown · Onlyoffice

Name of the Vulnerable Software and Affected Versions: ONLYOFFICE versions prior to the version released after 2021-11-08 Description: The issue concerns a Cross Site Scripting XSS problem. The "macros" feature of the document editor in ONLYOFFICE allows malicious cross site scripting payloads to...

CVE-2021-43446

ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Cross Site Scripting XSS. The "macros" feature of the document editor allows malicious cross site scripting payloads to be used...