96 matches found

OSV
added 2026/05/14 8:18 p.m. · 1 view

GHSA-HCWP-82G6-8WXC Open WebUI has stored XSS via unsanitized Office/Excel/DOCX file preview rendering ({@html} without DOMPurify)

Related advisory: this advisory tracks a regression of the original Excel-preview XSS that was publicly disclosed and patched under GHSA-jwf8-pv5p-vhmc in v0.8.0. The same root cause, XLSX.utils.sheet_to_html output rendered via {@html excelHtml} without DOMPurify, was reintroduced sometime...

CVSS 5.4 · AI score 5.8 · EPSS 0.00012
Exploits: 1 · References: 5
Github Security Blog
added 2026/05/14 8:18 p.m. · 5 views

Open WebUI has stored XSS via unsanitized Office/Excel/DOCX file preview rendering ({@html} without DOMPurify)

Related advisory: this advisory tracks a regression of the original Excel-preview XSS that was publicly disclosed and patched under GHSA-jwf8-pv5p-vhmc in v0.8.0. The same root cause, XLSX.utils.sheet_to_html output rendered via {@html excelHtml} without DOMPurify, was reintroduced sometime...

CVSS 5.4 · AI score 5.8 · EPSS 0.00012
Exploits: 1 · References: 5 · Affected software: 1
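The root cause named in the two Open WebUI entries above (converter output injected into the page as HTML without sanitization) is shown here as an added Python example; it is not Open WebUI's or SheetJS's code. A toy sheet-to-HTML stand-in renders constructed cells first raw and then with entity escaping plus an allow-listed link scheme, and a parser-based check reports which output still carries script-capable content. The cell values, payloads and table layout are constructed for the demonstration; DOMPurify itself is not used.

```python
import html
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample rows, shaped like what an Excel import layer hands to a
# preview renderer: a cell is either a plain value or a (text, hyperlink) pair.
# The payloads are illustrative and are not the advisory's proof of concept.
SAMPLE_ROWS = [
    ["Office", "Contact"],
    ['<img src=x onerror="alert(document.cookie)">',
     ("click me", "javascript:alert(1)")],
    ["Berlin", ("site", "https://example.com/")],
]

SAFE_SCHEMES = {"http", "https", "mailto"}


def render_cell_unsafe(cell):
    """Vulnerable pattern: cell text is spliced into markup unescaped, so the
    browser interprets a cell value as HTML when the string is injected raw."""
    if isinstance(cell, tuple):
        text, href = cell
        return f'<a href="{href}">{text}</a>'
    return str(cell)


def safe_href(href):
    """Allow-list the link scheme; javascript:, data:, vbscript: etc. are dropped."""
    scheme = urlsplit(href).scheme.lower()
    return href if scheme in SAFE_SCHEMES else None


def render_cell_safe(cell):
    """Hardened pattern: every attacker-controlled string is entity-escaped
    before it becomes markup, and link targets are scheme-checked."""
    if isinstance(cell, tuple):
        text, href = cell
        ok = safe_href(href)
        if ok is None:
            return html.escape(text, quote=True)
        return f'<a href="{html.escape(ok, quote=True)}">{html.escape(text, quote=True)}</a>'
    return html.escape(str(cell), quote=True)


def sheet_to_html(rows, render_cell):
    """Stand-in for a sheet-to-HTML converter; not SheetJS's sheet_to_html."""
    body = "".join(
        "<tr>" + "".join(f"<td>{render_cell(c)}</td>" for c in row) + "</tr>"
        for row in rows
    )
    return f"<table>{body}</table>"


class ActiveContentFinder(HTMLParser):
    """Reports script-capable constructs that survive into the final markup:
    on* event-handler attributes and javascript: link targets. Escaped text
    reaches handle_data, not handle_starttag, so it is correctly ignored."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name.startswith("on"):
                self.findings.append(f"<{tag} {name}>")
            elif name == "href" and value and value.strip().lower().startswith("javascript:"):
                self.findings.append(f"<{tag} href=javascript:>")


def find_active_content(markup):
    finder = ActiveContentFinder()
    finder.feed(markup)
    finder.close()
    return finder.findings


if __name__ == "__main__":
    print("unsafe:", find_active_content(sheet_to_html(SAMPLE_ROWS, render_cell_unsafe)))
    print("safe:  ", find_active_content(sheet_to_html(SAMPLE_ROWS, render_cell_safe)))
```

In the real Svelte stack the fix is to pass the converter's output through DOMPurify.sanitize() before handing it to {@html}; the escaping above stands in for that. The hyperlink cell is the case a plain "escape everything" rule misses: the href value is a URL, not text, so it needs a scheme allow-list rather than entity encoding.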
The Hacker News
added 2026/02/03 9:12 a.m. · 9 views

APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks

The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to attacks exploiting a newly disclosed security flaw in Microsoft Office as part of a campaign codenamed Operation Neusploit. Zscaler ThreatLabz said it observed the hacking group weaponizing the...

CVSS 7.8 · AI score 8.3 · EPSS 0.13869
Exploits: 10
RedhatCVE
added 2025/11/20 9:37 p.m. · 4 views

CVE-2025-13396

A weakness has been identified in code-projects Courier Management System 1.0. This affects an unknown function of the file /add-office.php. Manipulation of the argument OfficeName causes SQL injection. The attack may be initiated remotely. The exploit has been made available to the public a...

CVSS 9.8 · AI score 7 · EPSS 0.00027
Exploits: 1 · References: 1
EUVD
added 2025/11/19 5:41 p.m. · 3 views

EUVD-2025-198050

XWiki Remote Macros provides XWiki rendering macros that are useful when migrating content from Confluence. Prior to version 1.27.0, a user with no view rights on a page may see the content of an office attachment displayed with the view file macro. This issue has been patched in version 1.27.0...

CVSS 6.8 · AI score 6.2 · EPSS 0.00017
Exploits: 0 · References: 3
OSV
added 2025/11/19 4:15 p.m. · 0 views

CVE-2025-13396

A weakness has been identified in code-projects Courier Management System 1.0. This affects an unknown function of the file /add-office.php. Manipulation of the argument OfficeName causes SQL injection. The attack may be initiated remotely. The exploit has been made available to the public a...

CVSS 9.8 · AI score 5.8
Exploits: 0 · References: 5
CVE
added 2025/11/19 3:32 p.m. · 4 views

CVE-2025-13396

The CVE-2025-13396 entry concerns Code-Projects Courier Management System 1.0. A vulnerability exists in the /add-office.php code, where manipulating the OfficeName parameter enables SQL injection. The attack can be initiated remotely, and the exploit has been publicly released. Documents consist...

CVSS 9.8 · AI score 6.4 · EPSS 0.00027
Exploits: 1 · References: 5 · Affected software: 1
Cvelist
added 2025/11/19 3:32 p.m. · 6 views

CVE-2025-13396 code-projects Courier Management System add-office.php SQL injection

A weakness has been identified in code-projects Courier Management System 1.0. This affects an unknown function of the file /add-office.php. Manipulation of the argument OfficeName causes SQL injection. The attack may be initiated remotely. The exploit has been made available to the public a...

CVSS 6.5 · EPSS 0.00027
Exploits: 1 · References: 5
EUVD
added 2025/10/03 8:07 p.m. · 1 view

EUVD-2023-42065

Malicious code in bioql PyPI...

CVSS 5.5 · AI score 5.5 · EPSS 0.00291
Exploits: 0 · References: 1
Vulnrichment
added 2025/05/14 12:00 a.m. · 7 views

CVE-2024-57096

An issue in WPS Office before v.19302 allows a local attacker to obtain sensitive information via a crafted file...

AI score 5 · EPSS 0.00073
Exploits: 0 · References: 1
OSV
added 2024/05/08 3:15 p.m. · 1 view

CVE-2024-25525

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the filename parameter at /WorkFlow/OfficeFileDownload.aspx...

CVSS 9.8 · AI score 5.8 · EPSS 0.00069
Exploits: 1 · References: 1
CNNVD
added 2024/05/08 12:00 a.m. · 1 view

RuvarOA security vulnerability

RuvarOA is an office automation system from Ruvar (China). A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, caused by the filename parameter of /WorkFlow/OfficeFileDownload.aspx not being validated against externally supplied SQL input. An attacker can exploit this...

CVSS 9.8 · AI score 8.3 · EPSS 0.00069
Exploits: 1 · References: 2
Positive Technologies
added 2024/05/08 12:00 a.m. · 1 view

PT-2024-20990 · Ruvaroa · Ruvaroa

Name of the vulnerable software and affected versions: RuvarOA versions 6.01 through 12.01. Description: the issue is a SQL injection vulnerability, exploitable via the id parameter of the /WorkFlow/wf_office_file_history_show.aspx endpoint. Recommendations...

CVSS 9.8 · AI score 7.4 · EPSS 0.00408
Exploits: 1 · References: 4
Vulnrichment
added 2024/05/08 12:00 a.m. · 15 views

CVE-2024-25529

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /WorkFlow/wf_office_file_history_show.aspx...

AI score 8.3 · EPSS 0.00408
Exploits: 1 · References: 1
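The SQL injection entries in this listing (the OfficeName argument of /add-office.php in the Courier Management System, and the filename and id parameters of the RuvarOA /WorkFlow pages) share one root cause: a request parameter spliced into a SQL string. The following added Python example is not the code of either product; it reproduces the two request shapes against an in-memory SQLite database with constructed tables and data. The lookup shows a WHERE clause commented away to reach another user's file, and the insert shows a value that concatenates a subquery result into the stored row, so a later page view leaks it. Table and column names are invented for the demonstration; SQLite's || string concatenation corresponds to CONCAT() in MySQL, where || is logical OR by default.

```python
import sqlite3


def setup_db():
    """Constructed schema and rows standing in for an office-management app's database."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password_hash TEXT);
        CREATE TABLE offices (id INTEGER PRIMARY KEY, office_name TEXT);
        CREATE TABLE office_files (id INTEGER PRIMARY KEY, filename TEXT, owner TEXT, content TEXT);
        INSERT INTO users VALUES (1, 'admin', 'constructed-hash-abc123');
        INSERT INTO office_files VALUES
            (1, 'agenda.docx', 'alice', 'public agenda'),
            (2, 'payroll.xlsx', 'finance', 'constructed confidential data');
    """)
    return conn


# --- lookup endpoint, the shape of OfficeFileDownload.aspx?filename=... ---

def download_vulnerable(conn, filename, owner):
    # Vulnerable pattern: both request values are formatted into the statement,
    # so a quote in `filename` ends the literal and `--` comments out the
    # owner check that was meant to enforce access control.
    sql = f"SELECT content FROM office_files WHERE filename = '{filename}' AND owner = '{owner}'"
    return [row[0] for row in conn.execute(sql)]


def download_safe(conn, filename, owner):
    # Hardened pattern: placeholders keep the values as data; the driver never
    # lets them alter the statement's structure.
    return [row[0] for row in conn.execute(
        "SELECT content FROM office_files WHERE filename = ? AND owner = ?",
        (filename, owner))]


# --- insert endpoint, the shape of add-office.php?OfficeName=... ---

def add_office_vulnerable(conn, office_name):
    # Vulnerable pattern: the INSERT value is spliced in, so a payload can
    # splice a subquery into the stored value (second-order exfiltration).
    conn.execute(f"INSERT INTO offices (office_name) VALUES ('{office_name}')")
    conn.commit()


def add_office_safe(conn, office_name):
    conn.execute("INSERT INTO offices (office_name) VALUES (?)", (office_name,))
    conn.commit()


def list_offices(conn):
    return [row[0] for row in conn.execute("SELECT office_name FROM offices ORDER BY id")]


# Constructed payloads for the two shapes.
LOOKUP_PAYLOAD = "payroll.xlsx' -- "
INSERT_PAYLOAD = "Main' || (SELECT password_hash FROM users WHERE username='admin') || '"


if __name__ == "__main__":
    conn = setup_db()
    print("lookup, vulnerable:", download_vulnerable(conn, LOOKUP_PAYLOAD, "alice"))
    print("lookup, safe:      ", download_safe(conn, LOOKUP_PAYLOAD, "alice"))
    add_office_vulnerable(conn, INSERT_PAYLOAD)
    add_office_safe(conn, INSERT_PAYLOAD)
    print("stored office names:", list_offices(conn))
```

The vulnerable lookup returns the finance file to "alice"; the safe one returns nothing because no row has a filename equal to the literal payload. The vulnerable insert stores the admin's hash as part of the office name, where any page that lists offices will display it; the safe insert stores the payload string verbatim, which is harmless data.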
Fedora
added 2024/03/23 12:53 a.m. · 15 views

[SECURITY] Fedora 40 Update: libreoffice-24.2.1.2-5.fc40

LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites...

AI score 7.2
Exploits: 0
OSV
added 2023/08/10 2:15 p.m. · 0 views

CVE-2023-38245

Adobe Acrobat Reader versions 23.003.20244 and earlier and 20.005.30467 and earlier are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a...

CVSS 5.5 · AI score 5.8 · EPSS 0.00291
Exploits: 0 · References: 1
ATTACKERKB
added 2023/08/10 2:15 p.m. · 3 views

CVE-2023-38245

Adobe Acrobat Reader versions 23.003.20244 and earlier and 20.005.30467 and earlier are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a...

CVSS 5.5 · AI score 6.1 · EPSS 0.00291
Exploits: 0 · References: 2
OSV
added 2022/01/14 8:15 p.m. · 0 views

CVE-2021-44739

Acrobat Reader DC ActiveX Control versions 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204 and earlier are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issu...

CVSS 4.3 · AI score 7.1
Exploits: 0 · References: 1
NVD
added 2022/01/14 8:15 p.m. · 14 views

CVE-2021-44739

Acrobat Reader DC ActiveX Control versions 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204 and earlier are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issu...

CVSS 4.3 · EPSS 0.01723
Exploits: 0 · References: 1
Tenable Nessus
added 2020/11/10 12:00 a.m. · 57 views

Security Updates for Microsoft Office Online Server and Microsoft Office Web Apps (November 2020)

The Microsoft Office Web Apps installation on the remote host is missing security updates. It is, therefore, affected by unspecified remote code execution vulnerabilities. An attacker can use a specially crafted Office file to exploit these vulnerabilities. CVE-2020-17064, CVE-2020-17065...

CVSS 9.3 · AI score 8.4 · EPSS 0.13831
Exploits: 0 · References: 4