Read Time:10 Second
ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Server-Side Request Forgery (SSRF). The document editor service can be abused to read and serve arbitrary URLs as a document.
Daily Archives: January 23, 2023
CVE-2021-43448
Read Time:12 Second
ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Improper Input Validation. A lack of input validation can allow an attacker to spoof the names of users who interact with a document, if the document id is known.
CVE-2021-43447
Read Time:9 Second
ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. An authentication bypass in the document editor allows attackers to edit documents without authentication.
CVE-2021-43446
Read Time:9 Second
ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Cross Site Scripting (XSS). The “macros” feature of the document editor allows malicious cross site scripting payloads to be used.
CVE-2021-43445
Read Time:12 Second
ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. An attacker can authenticate with the web socket service of the ONLYOFFICE document editor which is protected by JWT auth by using a default JWT signing key.
CVE-2021-43444
Read Time:9 Second
ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. Signed document download URLs can be forged due to a weak default URL signing key.
CVE-2021-24881
Read Time:15 Second
The Passster WordPress plugin before 3.5.5.9 does not properly check for password, as well as that the post to be viewed is public, allowing unauthenticated users to bypass the protection offered by the plugin, and access arbitrary posts (such as private) content, by sending a specifically crafted request.
CVE-2021-24837
Read Time:11 Second
The Passster WordPress plugin before 3.5.5.8 does not escape the area parameter of its shortcode, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks.
USN-5806-2: Ruby vulnerability
Read Time:21 Second
USN-5806-1 fixed vulnerabilities in Ruby. This update fixes the problem
for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.10.
Original advisory details:
Hiroshi Tokumaru discovered that Ruby did not properly handle certain
user input for applications which generate HTTP responses using cgi gem.
An attacker could possibly use this issue to maliciously modify the
response a user would receive from a vulnerable application.
USN-5819-1: HAProxy vulnerability
Read Time:9 Second
It was discovered that HAProxy incorrectly handled certain messages. A
remote attacker could possibly use this issue to cause HAProxy to stop
responding, resulting in a denial of service.