Security Advisory

CVE-2023-46988

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-01 00:00:00

Last updated 2025-04-15 22:29:50

Assigner mitre

State PUBLISHED

Description

Path Traversal vulnerability in ONLYOFFICE Document Server before v8.0.1 allows a remote attacker to copy arbitrary files by manipulating the fileExt parameter in the /example/editor endpoint, leading to unauthorized access to sensitive files and potential Denial of Service (DoS).

← Browse all CVEs View on cve.org ↗