ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. An attacker can authenticate with the web socket service of the ONLYOFFICE document editor which is protected by JWT auth by using a default JWT signing key.Read More

Back to Main

Subscribe for the latest news:
Generated by Feedzy
%d bloggers like this: