ID CVE-2023-41703
Summary User ID references at mentions in document comments were not correctly sanitized. Script code could be injected to a users session when working with a malicious document. Please deploy the provided updates and patch releases. User-defined content like comments and mentions are now filtered to avoid potentially malicious content. No publicly available exploits are known.
References
Vulnerable Configurations
CVSS
Base: None
Impact:
Exploitability:
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 16-02-2024 - 14:15
Published 12-02-2024 - 09:15
Last modified 16-02-2024 - 14:15
Back to Top