Unrated severityNVD Advisory· Published Apr 15, 2020· Updated Aug 4, 2024
CVE-2020-11537
CVE-2020-11537
Description
A SQL Injection issue was discovered in ONLYOFFICE Document Server 5.5.0. An attacker can execute arbitrary SQL queries via injection to DocID parameter of Websocket API.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- ONLYOFFICE/Document Serverdescription
- Range: = 5.5.0
Patches
Vulnerability mechanics
References
2- gist.github.com/andrewaeva/beb92d3d2f1c5672dbda5050e323f6a0mitrex_refsource_MISC
- github.com/ONLYOFFICE/DocumentServer/blob/master/CHANGELOG.mdmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.