cbcvebase.

Collaboraoffice Collabora Online vulnerabilities

3 known vulnerabilities affecting collaboraoffice/collabora_online.

Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2023-48314P4MEDIUMCVSS 6.1fixed in 23.5.4032023-12-01
CVE-2023-48314 [MEDIUM] CWE-79 CVE-2023-48314: Collabora Online is a collaborative online office suite based on LibreOffice technology. Users of Ne Collabora Online is a collaborative online office suite based on LibreOffice technology. Users of Nextcloud with Collabora Online Built-in CODE Server app can be vulnerable to attack via proxy.php. This vulnerability has been fixed in Collabora Online - Built-in CODE Server (richdocumentscode) release 23.5.403. Users are advised to upgrade. There are
nvd
CVE-2024-29182P4MEDIUMCVSS 6.1fixed in 23.05.10.12024-04-04
CVE-2024-29182 [MEDIUM] CWE-79 CVE-2024-29182: Collabora Online is a collaborative online office suite based on LibreOffice. A stored cross-site sc Collabora Online is a collaborative online office suite based on LibreOffice. A stored cross-site scripting vulnerability was found in Collabora Online. An attacker could create a document with an XSS payload in document text referenced by field which, if hovered over to produce a tooltip, could be executed by the user's browser. Users should upgrade
nvd
CVE-2023-34088P4MEDIUMCVSS 5.4fixed in 6.4.27≥ 21.0, < 21.11.9.1+1 more2023-05-31
CVE-2023-34088 [MEDIUM] CWE-79 CVE-2023-34088: Collabora Online is a collaborative online office suite. A stored cross-site scripting (XSS) vulnera Collabora Online is a collaborative online office suite. A stored cross-site scripting (XSS) vulnerability was found in Collabora Online prior to versions 22.05.13, 21.11.9.1, and 6.4.27. An attacker could create a document with an XSS payload as a document name. Later, if an administrator opened the admin console and navigated to the history page, t
nvd
Collaboraoffice Collabora Online vulnerabilities | cvebase