CVE-2023-50883

ONLYOFFICE Docs before 8.0.1 allows XSS because a macro is an immediately-invoked function expression (IIFE), and therefore a sandbox escape is possible by directly calling the constructor of the Function object. NOTE: this issue exists because of an incorrect fix for CVE-2021-43446.
Configurations

Configuration 1

cpe:2.3:a:onlyoffice:document_server:*:*:*:*:*:*:*:*

History

20 Sep 2024, 15:18

Type | Values Removed | Values Added
CPE | | cpe:2.3:a:onlyoffice:document_server:*:*:*:*:*:*:*:*
References | () https://www.onlyoffice.com/ - | () https://www.onlyoffice.com/ - Product
References | () https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-027.txt - | () https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-027.txt - Exploit, Third Party Advisory
References | () https://www.syss.de/pentest-blog/cross-site-scripting-schwachstelle-in-onlyoffice-docs-syss-2023-027 - | () https://www.syss.de/pentest-blog/cross-site-scripting-schwachstelle-in-onlyoffice-docs-syss-2023-027 - Third Party Advisory
First Time | | Onlyoffice document Server, Onlyoffice

10 Sep 2024, 15:35

Type | Values Removed | Values Added
CWE | | CWE-79
CVSS | v2 : unknown, v3 : unknown | v2 : unknown, v3 : 6.1

10 Sep 2024, 12:09

Type | Values Removed | Values Added
Summary | | (es) ONLYOFFICE Docs before 8.0.1 allows XSS because a macro is an immediately invoked function expression (IIFE), and therefore a sandbox escape is possible by directly calling the constructor of the Function object. NOTE: this issue exists because of an incorrect fix for CVE-2021-43446.

09 Sep 2024, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-09 20:15

Updated : 2024-09-20 15:18


NVD link : CVE-2023-50883

Mitre link : CVE-2023-50883

CVE.ORG link : CVE-2023-50883


Products Affected

onlyoffice

  • document_server

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')