CVE-2021-43447
Published
CVSS v3
7.5
HIGH
CVSS v2
N/A
Affected
1
PROJECT
Description
ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. An authentication bypass in the document editor allows attackers to edit documents without authentication.
The backend server software layer which is the part of ONLYOFFICE Document Server and is the base for all other components
GitHub