CVE-2021-43446
Description
ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Cross Site Scripting (XSS). The "macros" feature of the document editor allows malicious cross site scripting payloads to be used.
References
Third Party Advisory
ProductVendor Advisory
ExploitMitigationThird Party Advisory
CvssV3 impact
Could not find any metrics
CvssV2 impact
Could not find any metrics