CVE-2023-48314
CVSS 3.1 Score 6.1 of 10 (medium)
Attack Complexity low
Scope changed
Confidentiality low
Integrity low
Availability none
Privileges Required none
Details
Published Dec 1, 2023
Updated: Dec 6, 2023
CWE ID 79
Summary
CVE-2023-48314 is a vulnerability affecting Collabora Online, an office suite based on LibreOffice technology used with Nextcloud's CODE Server app. This issue arises from a flaw in proxy.php, making it possible for attackers to exploit the system. The vulnerability has been rectified in Collabora Online release 23.5.403, and users are advised to upgrade as soon as possible. No known workarounds are available for this security weakness.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share