Cross-Site-Scripting vulnerability in error message passing in richdocumentscode
CVE-2023-49782
7.1HIGH
What is CVE-2023-49782?
Collabora Online, a collaborative online office suite leveraging LibreOffice technology, is exposed to a vulnerability affecting Nextcloud users utilizing the 'Collabora Online - Built-in CODE Server'. This security flaw, located in proxy.php, allows potential attackers to conduct unauthorized actions. The issue has been resolved in the latest release (version 23.5.601), and users are strongly advised to update their systems immediately, as no alternative workarounds are available.
Affected Version(s)
online < 23.5.601