Exploit Report

Exploit Report

Computer Security And Bug Information

CVE-2023-2255

Last Updated: May 29, 2023
CVECVE-2023-2255
CVE Title
Published Date2023-05-25T20:15Z
Modified Date2023-05-29T00:15Z
DescriptionImproper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of LibreOffice documents that used "floating frames" linked to external files, would load the contents of those frames without prompting the user for permission to do so. This was inconsistent with the treatment of other linked content in LibreOffice. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.7; 7.5 versions prior to 7.5.3.
References
By clicking these links you will leave this website. We do not endorse and will not be held accountable for any activity on external sites.
Reference URLhttps://www.libreoffice.org/about-us/security/advisories/CVE-2023-2255
Reference DescriptionMISC https://www.libreoffice.org/about-us/security/advisories/CVE-2023-2255
Reference URLhttps://www.debian.org/security/2023/dsa-5415
Reference DescriptionDEBIAN DSA-5415
Sources NIST MITRE
Note
  • No CVSS data for this CVE

This site's data is aggregated programmatically and provided "as is" without any representations or warranties, express or implied. Exploit.report is not affiliated with the The MITRE Corporation, U.S. Department of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA), or US government in any way. CVE and the CVE logo are registered trademarks of The MITRE Corporation

© 2022 Exploit.Report | Data | Contact | Privacy Policy | Articles