CVE-2023-6186
Link targets allow arbitrary script executionInsufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning.
In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning the user.
We have discovered 165 live websites that are affected by CVE-2023-6186.
Contact us to get more info
Affected Software
| |
---|
Product | LibreOffice |
Category | Content Management System |
Vulnerable Versions | - from 7.5 before 7.5.9
- from 7.6 before 7.6.4
|
Total Vulnerable Versions | 195 |
Vulnerable Domains | 165 live websites (4.89% of LibreOffice install base) |