12 matches found
EUVD-2025-28919
Malicious code in bioql PyPI...
EUVD-2025-28920
Malicious code in bioql PyPI...
CVE-2025-10254
A vulnerability was found in Ascensio System SIA OnlyOffice up to 12.7.0. This issue affects some unknown processing of the file /Products/Projects/Messages.aspx of the component SVG Image Handler. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The...
CVE-2025-10255
A vulnerability was determined in Ascensio System SIA OnlyOffice up to 12.7.0. Impacted is an unknown function of the file /Products/Projects/Messages.aspx of the component Comment Handler. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit h...
CVE-2025-10255
A vulnerability was determined in Ascensio System SIA OnlyOffice up to 12.7.0. Impacted is an unknown function of the file /Products/Projects/Messages.aspx of the component Comment Handler. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit h...
CVE-2025-10254
A vulnerability was found in Ascensio System SIA OnlyOffice up to 12.7.0. This issue affects some unknown processing of the file /Products/Projects/Messages.aspx of the component SVG Image Handler. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The...
CVE-2025-10255 Ascensio System SIA OnlyOffice Comment Messages.aspx cross site scripting
A vulnerability was determined in Ascensio System SIA OnlyOffice up to 12.7.0. Impacted is an unknown function of the file /Products/Projects/Messages.aspx of the component Comment Handler. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit h...
CVE-2025-10255 Ascensio System SIA OnlyOffice Comment Messages.aspx cross site scripting
A vulnerability was determined in Ascensio System SIA OnlyOffice up to 12.7.0. Impacted is an unknown function of the file /Products/Projects/Messages.aspx of the component Comment Handler. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit h...
CVE-2025-10254 Ascensio System SIA OnlyOffice SVG Image Messages.aspx cross site scripting
A vulnerability was found in Ascensio System SIA OnlyOffice up to 12.7.0. This issue affects some unknown processing of the file /Products/Projects/Messages.aspx of the component SVG Image Handler. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The...
PT-2025-37192
Name of the Vulnerable Software and Affected Versions: OnlyOffice versions through 12.7.0 Description: A vulnerability exists in Ascensio System SIA OnlyOffice that can lead to cross site scripting. The issue is located in the Comment Handler component, specifically within the file...
PT-2025-37191
Name of the Vulnerable Software and Affected Versions: OnlyOffice versions up to 12.7.0 Description: A cross site scripting issue exists due to unknown processing of the file /Products/Projects/Messages.aspx within the SVG Image Handler component. The attack can be initiated remotely. The exploit...
Ascensio System ONLYOFFICE 安全漏洞
Ascensio System ONLYOFFICE is an office software from Ascensio System, Latvia. A security vulnerability exists in Ascensio System ONLYOFFICE version 12.7.0 and earlier, which stems from an incorrect manipulation of the component Comment Handler in the file /Products/Projects/Messages.aspx, which...