CVE-2024-29182

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Apr 4, 2024

CWE ID 79

Summary

CVE-2024-29182 is a stored cross-site scripting (XSS) vulnerability affecting Collabora Online, an office suite based on LibreOffice. An attacker can exploit this flaw by creating a manipulated document containing an XSS payload in a field's text, which triggers a tooltip and executes the malicious code in the user's browser. To mitigate this risk, users are advised to upgrade to Collabora Online 23.05.10.1 or later versions. Older releases, such as 22.04 and 21.11, are reportedly not impacted by this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vMbEXq
https://www.cve.org/CVERecord?id=CVE-2024-29182
https://nvd.nist.gov/vuln/detail/CVE-2024-29182

Back to Vulnerability Database

CVE-2024-29182

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations