Vulnerabilities > Onlyoffice > Document Server > High

DATE CVE VULNERABILITY TITLE RISK
2020-04-15 CVE-2020-11535 XML Injection (aka Blind XPath Injection) vulnerability in Onlyoffice Document Server 5.5.0
An issue was discovered in ONLYOFFICE Document Server 5.5.0.
network
low complexity
onlyoffice CWE-91
7.5
7.5
2020-04-15 CVE-2020-11534 Improper Input Validation vulnerability in Onlyoffice Document Server 5.5.0
An issue was discovered in ONLYOFFICE Document Server 5.5.0.
network
low complexity
onlyoffice CWE-20
7.5
7.5