Office Online Server
by Microsoft
CVEs (185)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-1442 | 0.00 | — | 0.02 | Jul 14, 2020 | A spoofing vulnerability exists when an Office Web Apps server does not properly sanitize a specially crafted request, aka 'Office Web Apps XSS Vulnerability'. | |||
| CVE-2020-0695 | 0.00 | — | 0.01 | Feb 11, 2020 | A spoofing vulnerability exists when Office Online Server does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Server Spoofing Vulnerability'. | |||
| CVE-2020-0647 | 0.00 | — | 0.01 | Jan 14, 2020 | A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Spoofing Vulnerability'. | |||
| CVE-2019-1447 | 0.00 | — | 0.01 | Nov 12, 2019 | A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications handlers correctly, aka 'Microsoft Office Online Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-1445. | |||
| CVE-2019-1445 | 0.00 | — | 0.01 | Nov 12, 2019 | A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications handlers correctly, aka 'Microsoft Office Online Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-1447. |
- CVE-2020-1442Jul 14, 2020risk 0.00cvss —epss 0.02
A spoofing vulnerability exists when an Office Web Apps server does not properly sanitize a specially crafted request, aka 'Office Web Apps XSS Vulnerability'.
- CVE-2020-0695Feb 11, 2020risk 0.00cvss —epss 0.01
A spoofing vulnerability exists when Office Online Server does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Server Spoofing Vulnerability'.
- CVE-2020-0647Jan 14, 2020risk 0.00cvss —epss 0.01
A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Spoofing Vulnerability'.
- CVE-2019-1447Nov 12, 2019risk 0.00cvss —epss 0.01
A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications handlers correctly, aka 'Microsoft Office Online Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-1445.
- CVE-2019-1445Nov 12, 2019risk 0.00cvss —epss 0.01
A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications handlers correctly, aka 'Microsoft Office Online Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-1447.
Page 10 of 10