CVE-2022-24229

CVE-2022-24229

EPSS 1.8%

A cross-site scripting (XSS) vulnerability in ONLYOFFICE Document Server Example before v7.0.0 allows remote attackers inject arbitrary HTML or JavaScript through /example/editor.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/ONLYOFFICE/DocumentServer https://github.com/ONLYOFFICE/document-server-integration/issues/252 https://www.onlyoffice.com/