Security Advisory

CVE-2021-43444

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-01-23 00:00:00
Last updated 2025-04-02 16:06:02
Assigner mitre
State PUBLISHED

Description

ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. Signed document download URLs can be forged due to a weak default URL signing key.