CVE-2025-68936 – ONLYOFFICE Docs Cross-Site Scripting Vulnerability

CVE ID : CVE-2025-68936

Published : Dec. 25, 2025, 8:07 p.m. | 14 minutes ago

Description : ONLYOFFICE Docs before 9.2.1 allows XSS via the Color theme name. This is related to DocumentServer.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-15088 – ketr JEPaaS loadPostil postilService.loadPostils sql injection

CVE-2025-15087 – youlaitech youlai-mall OrderController.java submitOrderPayment improper authorization

CVE-2025-15086 – youlaitech youlai-mall MemberController.java getMemberByMobile access control

CVE-2025-68935 – ONLYOFFICE Docs Cross-Site Scripting (XSS) Vulnerability