Vulnerabilities > Collaboraoffice

DATE CVE VULNERABILITY TITLE RISK
2023-12-08 CVE-2023-49782 Cross-site Scripting vulnerability in Collaboraoffice Richdocumentscode 23.5.5
Collabora Online is a collaborative online office suite based on LibreOffice technology.
network
low complexity
collaboraoffice CWE-79
6.1
6.1
2023-12-08 CVE-2023-49788 Trust Boundary Violation vulnerability in Collaboraoffice Richdocumentscode 23.5.5/23.5.601
Collabora Online is a collaborative online office suite based on LibreOffice technology.
network
low complexity
collaboraoffice CWE-501
7.2
7.2
2023-12-01 CVE-2023-48314 Cross-site Scripting vulnerability in Collaboraoffice Collabora Online
Collabora Online is a collaborative online office suite based on LibreOffice technology.
network
low complexity
collaboraoffice CWE-79
6.1
6.1
2023-05-31 CVE-2023-34088 Cross-site Scripting vulnerability in Collaboraoffice Collabora Online
Collabora Online is a collaborative online office suite.
network
low complexity
collaboraoffice CWE-79
5.4
5.4
2021-02-23 CVE-2021-25630 Improper Privilege Management vulnerability in Collaboraoffice Online
"loolforkit" is a privileged program that is supposed to be run by a special, non-privileged "lool" user.
local
low complexity
collaboraoffice CWE-269
7.8
7.8
2020-07-21 CVE-2020-12432 Cross-site Scripting vulnerability in Collaboraoffice Collabora Online Development Edition
The WOPI API integration for Vereign Collabora CODE through 4.2.2 does not properly restrict delivery of JavaScript to a victim's browser, and lacks proper MIME type access control, which could lead to XSS that steals account credentials via cookies or local storage.
network
low complexity
collaboraoffice CWE-79
6.1
6.1