all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Multiple Document Management XSS Flaw Let Attackers Access Sensitive Documents

Add to bookmarks
Feb. 9, 2023, 4:49 p.m. | Guru

Cyber Security News cybersecuritynews.com

Rapid7 uncovered a number of vulnerabilities with on-premises installations of open-source and freemium Document Management System (DMS) services from four different vendors: LogicalDOC, Mayan, ONLYOFFICE, and OpenKM. The eight vulnerabilities, according to Rapid7, provide a mechanism by which an attacker can convince a human operator to save a malicious document on the platform and, after […]


The post <strong>Multiple Document Management XSS Flaw Let Attackers Access Sensitive Documents</strong> appeared first on Cyber Security News.

access attackers dms document documents flaw freemium human malicious management platform rapid7 services system vendors vulnerabilities vulnerability xss xss flaw

Visit resource

More from cybersecuritynews.com / Cyber Security News

MuddyWater Hackers Abusing Legitimate RMM Tool to Deliver Malware 4 hours ago | cybersecuritynews.com
abusing actor agent atera +26
Hackers Actively Exploiting WP Automatic Updates Plugin Vulnerability 4 hours ago | cybersecuritynews.com
attack automatic can compromise +27
Microsoft Releases Historical MS-DOS 4.0 Source Code to the Public 4 hours ago | cybersecuritynews.com
accessibility code decision developers +12
PoC Exploit Released For Critical Flowmon Vulnerability 5 hours ago | cybersecuritynews.com
analysis a network command command injection +26
Chrome Critical Flaw Let Attackers Execute Arbitary Code : Patch Now 5 hours ago | cybersecuritynews.com
arbitrary code attackers browservulnerability channel +21
Hackers Exploit Google Ads to Spread IP Scanner with Concealed Backdoor 16 hours ago | cybersecuritynews.com
ads attacker backdoor campaign +23
PlugX USB worm Infected Over 2.5M Devices 22 hours ago | cybersecuritynews.com
cyber security cybersecurity devices fame +11
Founders of Cryptocurrency Mixing Service Arrested for Money Laundering Offenses 22 hours ago | cybersecuritynews.com
arrested business criminal cryptocurrency +11
Hackers Employ Black Hat SEO Techniques To Deliver Malware 23 hours ago | cybersecuritynews.com
black hat black hat seo blogging cyber-attack +28

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

IT Security Manager

@ Teltonika | Vilnius/Kaunas, VL, LT
View on infosec-jobs.com

Security Officer - Part Time - Harrah's Gulf Coast

@ Caesars Entertainment | Biloxi, MS, United States
View on infosec-jobs.com

DevSecOps Full-stack Developer

@ Peraton | Fort Gordon, GA, United States
View on infosec-jobs.com

Cybersecurity Cooperation Lead

@ Peraton | Stuttgart, AE, United States
View on infosec-jobs.com

Cybersecurity Engineer - Malware & Forensics

@ ManTech | 201DU - Customer Site,Herndon, VA
View on infosec-jobs.com
View more jobs