Community Server
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-0925 | 0.03 | — | 0.02 | Feb 14, 2007 | Cross-site scripting (XSS) vulnerability in search/SearchResults.aspx in Community Server allows remote attackers to inject arbitrary web script or HTML via the q parameter. | |||
| CVE-2023-34939 | 0.01 | — | 0.05 | Jun 22, 2023 | Onlyoffice Community Server before v12.5.2 was discovered to contain a remote code execution (RCE) vulnerability via the component UploadProgress.ashx. | |||
| CVE-2006-0535 | 0.00 | — | 0.02 | Feb 4, 2006 | Multiple cross-site scripting (XSS) vulnerabilities in Community Server allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors. NOTE: this candidate does not contain any actionable or distinguishing information. Perhaps it should not be… |
- CVE-2007-0925Feb 14, 2007risk 0.03cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in search/SearchResults.aspx in Community Server allows remote attackers to inject arbitrary web script or HTML via the q parameter.
- CVE-2023-34939Jun 22, 2023risk 0.01cvss —epss 0.05
Onlyoffice Community Server before v12.5.2 was discovered to contain a remote code execution (RCE) vulnerability via the component UploadProgress.ashx.
- CVE-2006-0535Feb 4, 2006risk 0.00cvss —epss 0.02
Multiple cross-site scripting (XSS) vulnerabilities in Community Server allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors. NOTE: this candidate does not contain any actionable or distinguishing information. Perhaps it should not be…