1 results (0.001 seconds)
CVSS: 10.0EPSS: 16%CPEs: 1EXPL: 2
CVSS: 10.0EPSS: 16%CPEs: 1EXPL: 2CVE-2023-34939
https://notcve.org/view.php?id=CVE-2023-34939
22 Jun 2023 — Onlyoffice Community Server before v12.5.2 was discovered to contain a remote code execution (RCE) vulnerability via the component UploadProgress.ashx. • https://github.com/ONLYOFFICE/CommunityServer/blob/master/CHANGELOG.md#version-1252 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •