Описание
A SQL Injection issue was discovered in ONLYOFFICE Document Server 5.5.0. An attacker can execute arbitrary SQL queries via injection to DocID parameter of Websocket API.
A SQL Injection issue was discovered in ONLYOFFICE Document Server 5.5.0. An attacker can execute arbitrary SQL queries via injection to DocID parameter of Websocket API.
EPSS
Процентиль: 54%
0.00309
Низкий
CVE ID
Связанные уязвимости
CVSS3: 9.8
nvd
почти 6 лет назад
A SQL Injection issue was discovered in ONLYOFFICE Document Server 5.5.0. An attacker can execute arbitrary SQL queries via injection to DocID parameter of Websocket API.
EPSS
Процентиль: 54%
0.00309
Низкий