Vulnerabilities in CollaboraOnline
16 resultsCVE-2021-32744CRITICALUnauthenticated attacker could gain access to currently open filesEPSS 1.1%CVE-2025-66208HIGHConfiguration-Dependent RCE (OS Command Injection) in richdocumentscode proxyEPSS 0.9%CVE-2021-43817HIGHReflected Cross-Site-Scripting vulnerability in Collabora OnlineEPSS 0.6%CVE-2021-32745HIGHReflected Cross-Site-Scripting vulnerabilityEPSS 0.6%CVE-2023-49788HIGHImproper handling of browser-side provided input in richdocuments path handlingEPSS 0.5%CVE-2024-25114LOWSensitive Information Disclosure (JailID) to users in Collabora OnlineEPSS 0.5%CVE-2023-49782HIGHCross-Site-Scripting vulnerability in error message passing in richdocumentscodeEPSS 0.4%CVE-2025-24796MEDIUMRemote Code Execution within Collabora Online jail with Macros EnabledEPSS 0.4%CVE-2023-48314HIGHUnescaped passing of the request URL in Collabora OnlineEPSS 0.4%CVE-2023-34088HIGHCollabora Online has Stored Cross-Site-Scripting vulnerability in admin interfaceEPSS 0.4%CVE-2023-31145MEDIUMReflected XSS vulnerability in CollaboraOnlineEPSS 0.4%CVE-2025-27791HIGHCollabora Online Vulnerable to Arbitrary File WriteEPSS 0.4%CVE-2024-29182MEDIUMCollabora Online Stored Cross-Site-Scripting vulnerability via tooltipEPSS 0.3%CVE-2024-45045MEDIUMJavaScript Injection via url encoded values in links in Collabora Office AndroidEPSS 0.3%CVE-2024-37311HIGHCollabora Online's remote host TLS certificates are not fully verifiedEPSS 0.2%CVE-2026-23623MEDIUMCollabora Online vulnerable to Authorization BypassEPSS 0.2%