COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2023-30186

CVE-2023-30186

Severity
critical
Source
NVD · cve
Published
2023-08-14
CVSS
9.8
Reference
https://nvd.nist.gov/vuln/detail/CVE-2023-30186
⚡ RCE shame 50/100 rce

A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file.

Players implicated

onlyoffice · vendordocument server · product

Description

A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.