HIGH🇬🇧 English

CVE-2023-48314

CVSS 7.1v3.1pub. 2023-12-01upd. 2024-11-21

Collabora Online is a collaborative online office suite based on LibreOffice technology. Users of Nextcloud with Collabora Online Built-in CODE Server app can be vulnerable to attack via proxy.php. This vulnerability has been fixed in Collabora Online - Built-in CODE Server (richdocumentscode) release 23.5.403. Users are advised to upgrade. There are no known workarounds for this vulnerability.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
  • Collaboraoffice Collabora Online

    APP
    Collaboraoffice
    < 23.5.403
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
XSS
CWE
Referencje

Powiązane podatności

CVE-2023-34088HIGH8.7ten sam produkt

Collabora Online is a collaborative online office suite. A stored cross-site scripting (XSS) vulnerability was...

CVE-2024-29182MEDIUM6.1ten sam produkt

Collabora Online is a collaborative online office suite based on LibreOffice. A stored cross-site scripting vu...

CVE-2023-49782HIGH7.1ten sam vendor

Collabora Online is a collaborative online office suite based on LibreOffice technology. Users of Nextcloud wi...

CVE-2023-49788HIGH7.2ten sam vendor

Collabora Online is a collaborative online office suite based on LibreOffice technology. Unlike a standalone d...

CVE-2021-25630HIGH7.8ten sam vendor

"loolforkit" is a privileged program that is supposed to be run by a special, non-privileged "lool" user. Befo...