12 matches found
EUVD-2025-28919
Malicious code in bioql PyPI...
EUVD-2025-28920
Malicious code in bioql PyPI...
CVE-2025-10255
A vulnerability was determined in Ascensio System SIA OnlyOffice up to 12.7.0. Impacted is an unknown function of the file /Products/Projects/Messages.aspx of the component Comment Handler. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit h...
CVE-2025-10254
A vulnerability was found in Ascensio System SIA OnlyOffice up to 12.7.0. This issue affects some unknown processing of the file /Products/Projects/Messages.aspx of the component SVG Image Handler. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The...
CVE-2025-10255
A vulnerability was determined in Ascensio System SIA OnlyOffice up to 12.7.0. Impacted is an unknown function of the file /Products/Projects/Messages.aspx of the component Comment Handler. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit h...
CVE-2025-10254
A vulnerability was found in Ascensio System SIA OnlyOffice up to 12.7.0. This issue affects some unknown processing of the file /Products/Projects/Messages.aspx of the component SVG Image Handler. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The...
CVE-2025-10255 Ascensio System SIA OnlyOffice Comment Messages.aspx cross site scripting
A vulnerability was determined in Ascensio System SIA OnlyOffice up to 12.7.0. Impacted is an unknown function of the file /Products/Projects/Messages.aspx of the component Comment Handler. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit h...
CVE-2025-10255 Ascensio System SIA OnlyOffice Comment Messages.aspx cross site scripting
A vulnerability was determined in Ascensio System SIA OnlyOffice up to 12.7.0. Impacted is an unknown function of the file /Products/Projects/Messages.aspx of the component Comment Handler. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit h...
CVE-2025-10254 Ascensio System SIA OnlyOffice SVG Image Messages.aspx cross site scripting
A vulnerability was found in Ascensio System SIA OnlyOffice up to 12.7.0. This issue affects some unknown processing of the file /Products/Projects/Messages.aspx of the component SVG Image Handler. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The...
Ascensio System ONLYOFFICE 安全漏洞
Ascensio System ONLYOFFICE is an office software from Ascensio System, Latvia. A security vulnerability exists in Ascensio System ONLYOFFICE version 12.7.0 and earlier, which stems from an incorrect manipulation of the component Comment Handler in the file /Products/Projects/Messages.aspx, which...
PT-2025-37192
Name of the Vulnerable Software and Affected Versions: OnlyOffice versions through 12.7.0 Description: A vulnerability exists in Ascensio System SIA OnlyOffice that can lead to cross site scripting. The issue is located in the Comment Handler component, specifically within the file...
PT-2025-37191
Name of the Vulnerable Software and Affected Versions: OnlyOffice versions up to 12.7.0 Description: A cross site scripting issue exists due to unknown processing of the file /Products/Projects/Messages.aspx within the SVG Image Handler component. The attack can be initiated remotely. The exploit...