SEC Consult SA-20250612-0 :: Reflected Cross-Site Scripting in ONLYOFFICE Docs (DocumentServer)

June 18, 2025

SEC Consult SA-20250612-0 :: Reflected Cross-Site Scripting in ONLYOFFICE Docs (DocumentServer)

Full Disclosure
mailing list archives
SEC Consult SA-20250612-0 :: Reflected Cross-Site Scripting in ONLYOFFICE Docs (DocumentServer)
From: SEC Consult Vulnerability Lab via Fulldisclosure

Published Date:
Jun 18, 2025 (1 hour, 29 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-5301

Source: Read More

Previous Article: “Glass Cage” – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)

Next Article SEC Consult SA-20250611-0 :: Undocumented Root Shell Access on SIMCom SIM7600G Modem

Error’d: You Talkin’ to Me?

The Psychology Of Trust In AI: A Guide To Measuring And Designing For User Confidence

This week in AI updates: OpenAI Codex updates, Claude integration in Xcode 26, and more (September 19, 2025)

Report: The major factors driving employee disengagement in 2025

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

Development Release: Ubuntu 25.10 Beta

Development Release: Linux Mint 7 Beta “LMDE”

The attack on the npm ecosystem continues

The attack on the npm ecosystem continues

Feature Highlight

SVAR React Core – New UI Library with 20+ Components

Hyprland Made Easy: Preconfigured Beautiful Distros

Hyprland Made Easy: Preconfigured Beautiful Distros

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

SEC Consult SA-20250612-0 :: Reflected Cross-Site Scripting in ONLYOFFICE Docs (DocumentServer)

SEC Consult SA-20250612-0 :: Reflected Cross-Site Scripting in ONLYOFFICE Docs (DocumentServer)

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-6448 – Code-projects Simple Online Hotel Reservation System SQL Injection Vulnerability

CVE-2025-4118 – Weitong Mall Product History Handler Improper Access Controls Vulnerability

CVE-2023-3867 – Kerberos SMB Out-of-Bounds Read Vulnerability

Testing Webhooks 2

CVE-2025-23311 – NVIDIA Triton Inference Server Stack Overflow Remote Code Execution Vulnerability

Early Memorial Day deals are LIVE on Windows PCs, gaming accessories, and more — 6 hand-picked discounts on our favorites

CVE-2025-45797 – TOTOlink A950RG Buffer Overflow Vulnerability in NoticeUrl Parameter

Chain-of-Thought May Not Be a Window into AI’s Reasoning: Anthropic’s New Study Reveals Hidden Gaps

SEC Consult SA-20250612-0 :: Reflected Cross-Site Scripting in ONLYOFFICE Docs (DocumentServer)

SEC Consult SA-20250612-0 :: Reflected Cross-Site Scripting in ONLYOFFICE Docs (DocumentServer)

Related Posts