CVE-2023-34088
Collabora Online has Stored Cross-Site-Scripting vulnerability in admin interface
Severity Score
5.4
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Collabora Online is a collaborative online office suite. A stored cross-site scripting (XSS) vulnerability was found in Collabora Online prior to versions 22.05.13, 21.11.9.1, and 6.4.27. An attacker could create a document with an XSS payload as a document name. Later, if an administrator opened the admin console and navigated to the history page, the document name was injected as unescaped HTML and executed as a script inside the context of the admin console. The administrator JSON web token (JWT) used for the websocket connection could be leaked through this flaw. Users should upgrade to Collabora Online 22.05.13 or higher; Collabora Online 21.11.9.1 or higher; Collabora Online 6.4.27 or higher to receive a patch.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-05-25 CVE Reserved
- 2023-05-31 CVE Published
- 2024-06-06 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://github.com/CollaboraOnline/online/security/advisories/GHSA-7582-pwfh-3pwr | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Collaboraoffice Search vendor "Collaboraoffice" | Collabora Online Search vendor "Collaboraoffice" for product "Collabora Online" | < 6.4.27 Search vendor "Collaboraoffice" for product "Collabora Online" and version " < 6.4.27" | - |
Affected
| ||||||
| Collaboraoffice Search vendor "Collaboraoffice" | Collabora Online Search vendor "Collaboraoffice" for product "Collabora Online" | >= 21.0 < 21.11.9.1 Search vendor "Collaboraoffice" for product "Collabora Online" and version " >= 21.0 < 21.11.9.1" | - |
Affected
| ||||||
| Collaboraoffice Search vendor "Collaboraoffice" | Collabora Online Search vendor "Collaboraoffice" for product "Collabora Online" | >= 22.0 < 22.05.13 Search vendor "Collaboraoffice" for product "Collabora Online" and version " >= 22.0 < 22.05.13" | - |
Affected
| ||||||