{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-5301", "assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf", "state": "PUBLISHED", "assignerShortName": "SEC-VLab", "dateReserved": "2025-05-28T09:59:37.753Z", "datePublished": "2025-06-12T07:59:05.650Z", "dateUpdated": "2025-06-18T04:08:26.144Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Docs (DocumentServer)", "vendor": "OnlyOffice", "versions": [{"status": "affected", "version": "<=8.3.1"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Max Rull, SEC Consult Vulnerability Lab"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>ONLYOFFICE Docs (DocumentServer) in versions equal and below 8.3.1 are affected by a reflected cross-site scripting (XSS) issue when opening files via the WOPI protocol. Attackers could inject malicious scripts via crafted HTTP POST requests, which are then reflected in the server's HTML response.</p><br><br>"}], "value": "ONLYOFFICE Docs (DocumentServer) in versions equal and below 8.3.1 are affected by a reflected cross-site scripting (XSS) issue when opening files via the WOPI protocol. Attackers could inject malicious scripts via crafted HTTP POST requests, which are then reflected in the server's HTML response."}], "impacts": [{"capecId": "CAPEC-591", "descriptions": [{"lang": "en", "value": "CAPEC-591 Reflected XSS"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf", "shortName": "SEC-VLab", "dateUpdated": "2025-06-12T07:59:05.650Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://r.sec-consult.com/onlyoffice"}, {"tags": ["release-notes"], "url": "https://github.com/ONLYOFFICE/DocumentServer/blob/master/CHANGELOG.md#832"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>The vendor provides a patched version v8.3.2 (or higher) which can be downloaded from:</p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/ONLYOFFICE/DocumentServer/\">https://github.com/ONLYOFFICE/DocumentServer/</a>&nbsp;</p><br><br>"}], "value": "The vendor provides a patched version v8.3.2 (or higher) which can be downloaded from:\n\n https://github.com/ONLYOFFICE/DocumentServer/"}], "source": {"discovery": "EXTERNAL"}, "title": "Reflected Cross-Site Scripting in ONLYOFFICE Docs (DocumentServer)", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"references": [{"url": "https://sec-consult.com/vulnerability-lab/advisory/reflected-cross-site-scripting-in-onlyoffice-docs-documentserver/", "tags": ["exploit"]}], "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-06-12T13:45:27.605229Z", "id": "CVE-2025-5301", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-12T13:48:22.288Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/Jun/18"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-06-18T04:08:26.144Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/Jun/18"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-06-18T04:08:26.144Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-5301", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-06-12T13:45:27.605229Z"}}}], "references": [{"url": "https://sec-consult.com/vulnerability-lab/advisory/reflected-cross-site-scripting-in-onlyoffice-docs-documentserver/", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-12T13:48:13.545Z"}}], "cna": {"title": "Reflected Cross-Site Scripting in ONLYOFFICE Docs (DocumentServer)", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Max Rull, SEC Consult Vulnerability Lab"}], "impacts": [{"capecId": "CAPEC-591", "descriptions": [{"lang": "en", "value": "CAPEC-591 Reflected XSS"}]}], "affected": [{"vendor": "OnlyOffice", "product": "Docs (DocumentServer)", "versions": [{"status": "affected", "version": "<=8.3.1"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "The vendor provides a patched version v8.3.2 (or higher) which can be downloaded from:\n\n https://github.com/ONLYOFFICE/DocumentServer/", "supportingMedia": [{"type": "text/html", "value": "<p>The vendor provides a patched version v8.3.2 (or higher) which can be downloaded from:</p><p><a target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/ONLYOFFICE/DocumentServer/\">https://github.com/ONLYOFFICE/DocumentServer/</a>&nbsp;</p><br><br>", "base64": false}]}], "references": [{"url": "https://r.sec-consult.com/onlyoffice", "tags": ["third-party-advisory"]}, {"url": "https://github.com/ONLYOFFICE/DocumentServer/blob/master/CHANGELOG.md#832", "tags": ["release-notes"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "ONLYOFFICE Docs (DocumentServer) in versions equal and below 8.3.1 are affected by a reflected cross-site scripting (XSS) issue when opening files via the WOPI protocol. Attackers could inject malicious scripts via crafted HTTP POST requests, which are then reflected in the server's HTML response.", "supportingMedia": [{"type": "text/html", "value": "<p>ONLYOFFICE Docs (DocumentServer) in versions equal and below 8.3.1 are affected by a reflected cross-site scripting (XSS) issue when opening files via the WOPI protocol. Attackers could inject malicious scripts via crafted HTTP POST requests, which are then reflected in the server's HTML response.</p><br><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf", "shortName": "SEC-VLab", "dateUpdated": "2025-06-12T07:59:05.650Z"}}}, "cveMetadata": {"cveId": "CVE-2025-5301", "state": "PUBLISHED", "dateUpdated": "2025-06-18T04:08:26.144Z", "dateReserved": "2025-05-28T09:59:37.753Z", "assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf", "datePublished": "2025-06-12T07:59:05.650Z", "assignerShortName": "SEC-VLab"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "ONLYOFFICE Docs (DocumentServer) in versions equal and below 8.3.1 are affected by a reflected cross-site scripting (XSS) issue when opening files via the WOPI protocol. Attackers could inject malicious scripts via crafted HTTP POST requests, which are then reflected in the server's HTML response."}, {"lang": "es", "value": "ONLYOFFICE Docs (DocumentServer) en versiones iguales o inferiores a la 8.3.1 se ve afectado por un problema de cross-site scripting (XSS) al abrir archivos mediante el protocolo WOPI. Los atacantes podr\u00edan inyectar scripts maliciosos mediante solicitudes HTTP POST manipuladas, que posteriormente se reflejan en la respuesta HTML del servidor."}], "id": "CVE-2025-5301", "lastModified": "2025-06-18T05:15:50.287", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-06-12T08:15:23.603", "references": [{"source": "551230f0-3615-47bd-b7cc-93e92e730bbf", "url": "https://github.com/ONLYOFFICE/DocumentServer/blob/master/CHANGELOG.md#832"}, {"source": "551230f0-3615-47bd-b7cc-93e92e730bbf", "url": "https://r.sec-consult.com/onlyoffice"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2025/Jun/18"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://sec-consult.com/vulnerability-lab/advisory/reflected-cross-site-scripting-in-onlyoffice-docs-documentserver/"}], "sourceIdentifier": "551230f0-3615-47bd-b7cc-93e92e730bbf", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "551230f0-3615-47bd-b7cc-93e92e730bbf", "type": "Secondary"}]}

{}