Vulnerabilities > Onlyoffice > Server > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-23 | CVE-2021-43446 | Cross-site Scripting vulnerability in Onlyoffice Server 7.0.0.49 ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Cross Site Scripting (XSS). | 6.1 |
| 2023-01-23 | CVE-2021-43448 | Improper Input Validation vulnerability in Onlyoffice Server 7.0.0.49 ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Improper Input Validation. | 5.3 |