Security Advisory
CVE-2021-43444
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. Signed document download URLs can be forged due to a weak default URL signing key.