CVE-2025-68917 – ONLYOFFICE Docs Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-68917

Published : Dec. 24, 2025, 9:16 p.m. | 1 hour, 6 minutes ago

Description : ONLYOFFICE Docs before 9.2.1 allows XSS in the textarea of the comment editing form. This is related to DocumentServer.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-68920 – C-Kermit Remote File Overwrite/Vulnerable File Retrieval

CVE-2025-8769 – MegaSys Computer Technologies Telenium Online Web Application Improper Input Validation

CVE-2025-68919 – Fujitsu Fsas Technologies ETERNUS SF ACM/SC/Express Management Software Authentication Bypass

CVE-2025-3232 – Mitsubishi Electric Europe smartRTU Missing Authentication for Critical Function