COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2023-30187

CVE-2023-30187

Severity
critical
Source
NVD · cve
Published
2023-08-14
CVSS
9.8
Reference
https://nvd.nist.gov/vuln/detail/CVE-2023-30187
⚡ RCE shame 50/100 rce

An out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file.

Players implicated

onlyoffice · vendordocument server · product

Description

An out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.