7 matches found
CVE-2024-25114
CVE-2024-25114 affects Collabora Online (LibreOffice-based online suite). The vulnerability arises because the CELL() function, when used with the filename argument in the spreadsheet component, can reveal a JailID path used for per-document process isolation. This information disclosure is consi...
CVE-2024-45045
CVE-2024-45045 affects mobile variants (Android/iOS) of Collabora Online, based on LibreOffice. The vulnerability enables injection of JavaScript through URL-encoded values in links within documents, exploiting the Android JavaScript interface which can access internal functions. Non-mobile varia...
CVE-2021-43817
CVE-2021-43817 affects Collabora Online (including Collabora Online/ CODE). A reflected XSS vulnerability exists where unescaped HTML injected into a variable during iframe creation can execute scripts within the Collabora Online iframe. Impact per sources includes access to a small set of browse...
CVE-2021-32745
CVE-2021-32745 is a reflected XSS vulnerability in Collabora Online prior to version 6.4.9-5. An attacker could inject unescaped HTML into a variable when creating the Collabora Online iframe, enabling scripts to run in the iframe context and access a small set of browser-stored user settings and...
CVE-2021-32744
CVE-2021-32744 affects Collabora Online. Versions prior to 4.2.17-1 and 6.4.9-5 allow unauthenticated attackers to access files open by other users by guessing the file identifier (IDOR). The file-identifier predictability depends on external storage implementations. Patches exist in 4.2.17-1 and...
CVE-2023-31145
CVE-2023-31145 describes a reflected XSS with full CSP bypass in Collabora Online when installed with the Nextcloud bundle. The vulnerability allows an attacker to inject malicious code into pages and run in the victim’s browser session, enabling a trivial account takeover attack. Exploitation re...
CVE-2025-66208
CVE-2025-66208 affects Collabora Online – Built-in CODE Server (richdocumentscode proxy). The vulnerability is a configuration-dependent OS command injection (RCE) in the richdocumentscode proxy present in versions prior to 25.04.702, exploitable by attackers via proxy.php and an intermediate rev...