EUVD-2022-50175

Malicious code in bioql PyPI...

The vulnerability of the DocumentHandler component of the ONLYOFFICE Workspace document management system arises due to deficiencies in the encryption of user-input data. This vulnerability allows attackers to execute cross-site scripting (XSS) attacks.

The vulnerability of the DocumentHandler component of the ONLYOFFICE Workspace document management system exists due to deficiencies in the encryption of user-input data. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks XSS remotely...

CVE-2022-47412

Given a malicious document provided by an attacker, the ONLYOFFICE Workspace DMS is vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition...

CVE-2022-47412 ONLYOFFICE Workspace Search Stored XSS

Given a malicious document provided by an attacker, the ONLYOFFICE Workspace DMS is vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition...

CVE-2022-47412 ONLYOFFICE Workspace Search Stored XSS

Given a malicious document provided by an attacker, the ONLYOFFICE Workspace DMS is vulnerable to a stored persistent, or "Type II" cross-site scripting XSS condition...

Ascensio System ONLYOFFICE 跨站脚本漏洞

Ascensio System ONLYOFFICE is an office software from Ascensio System, Latvia. A security vulnerability exists in Ascensio System ONLYOFFICE Workspace DMS. An attacker could exploit this vulnerability to conduct cross-site scripting attacks...