2025-12-24 20:19:25
mitre
PUBLISHED
ONLYOFFICE Docs before 9.2.1 allows XSS in the textarea of the comment editing form. This is related to DocumentServer.