Multiple Document Management XSS Flaw Let Attackers Access Sensitive Documents | allinfosecnews.com

Feb. 9, 2023, 4:49 p.m. | Guru

Cyber Security News cybersecuritynews.com

Rapid7 uncovered a number of vulnerabilities with on-premises installations of open-source and freemium Document Management System (DMS) services from four different vendors: LogicalDOC, Mayan, ONLYOFFICE, and OpenKM. The eight vulnerabilities, according to Rapid7, provide a mechanism by which an attacker can convince a human operator to save a malicious document on the platform and, after […]

The post <strong>Multiple Document Management XSS Flaw Let Attackers Access Sensitive Documents</strong> appeared first on Cyber Security News.

access attackers dms document documents flaw freemium human malicious management platform rapid7 services system vendors vulnerabilities vulnerability xss xss flaw

More from cybersecuritynews.com / Cyber Security News

ELLIO and ntop partnership to boost high-speed network traffic monitoring with real-time data on opportunistic … 1 day, 19 hours ago | cybersecuritynews.com

applications attacks botnets commercial +17

Windows-based AllaKore Malware Abuses Azure Cloud for C2 Infrastructure 1 day, 20 hours ago | cybersecuritynews.com

accounts azure azure cloud bank +27

Hackers Impersonating As Fake Toll Payment Processor Across The U.S. 1 day, 20 hours ago | cybersecuritynews.com

cyber security cybersecurity e-zpass e-zpass fraud +21

Hackers Compromised 600,000 SOHO Routers Within 72 Hours For Botnet 1 day, 20 hours ago | cybersecuritynews.com

72 hours attack attacks botnet +26

Telegram Know For Secure Messaging, Now Became A Tool For Cybercriminals 1 day, 22 hours ago | cybersecuritynews.com

abuse creators cybercriminals cyber security +12

Microsoft Observed Huge-Surge In Attacks Targeting Internet-Exposed OT Devices In WWS 2 days ago | cybersecuritynews.com

attacks cyberattacks cyberav3ngers cyber security +24

RedTail Cryptominer Exploiting Palo Alto Networks Firewall Zero-day Flaw 2 days, 5 hours ago | cybersecuritynews.com

alto arbitrary code attackers code +33

BBC Data Breach: Hackers Access Cloud-Based Storage Service 2 days, 6 hours ago | cybersecuritynews.com

access bbc breach cloud +25

New Meterpreter Backdoor Hides Malicious Codes Within the Image 2 days, 20 hours ago | cybersecuritynews.com

any.run backdoor code conceal +13

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia

View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)

View on infosec-jobs.com