Rapid7 recently reported that multiple cross-site scripting (XSS) vulnerabilities have been identified in popular document management system (DMS) products. These solutions manage the production, storage, and distribution of documents, and also provide collaboration capabilities and support for other file types. Despite Rapid7's attempts to contact the vendors, none of them responded.

The vulnerabilities, one of which is tracked as CVE-2022-47412, are particularly severe and could have serious consequences if exploited. The most severe of them affects OnlyOffice Workspace and requires an attacker to trick a user into storing a malicious document in the DMS and then to convince them to open it. Two XSS bugs were identified in OpenKM, and four XSS vulnerabilities were found in LogicalDOC DMS. The Mayan EDMS flaw, CVE-2022-47419, affects the platform's in-product tagging system.

An attacker exploiting any of these vulnerabilities could steal the session cookie of a locally logged-in administrator and then impersonate that user to gain access to all documents stored in the DMS. Rapid7 recommends that users be extra careful when importing documents from unknown or untrusted sources into the DMS, and that administrators limit the creation of anonymous, untrusted users for the affected DMS products. Administrators are urged to apply any vendor-supplied updates on an emergency basis to protect against these vulnerabilities.
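As an added example (not code from the Rapid7 report or from any of the products named above), the two defensive controls that this class of bug calls for: escaping stored, user-supplied labels such as DMS tags before they are rendered, and checking that the session cookie carries the flags that keep an injected script from reading it. `SAMPLE_TAGS`, the `render_tags_*` functions, `session_cookie_problems` and the `sessionid` cookie name are assumptions for illustration.

```python
import html
from http.cookies import SimpleCookie

# Constructed sample tag labels, as a DMS user might store them. The last one
# carries markup; a stored XSS in a tagging feature arrives the same way.
SAMPLE_TAGS = ["invoice", "2023-Q1", "<script>steal()</script>"]


def render_tags_unsafe(tags):
    """Concatenates raw labels into HTML: whatever a user stored is emitted
    as markup, so every viewer's browser runs it, administrators included."""
    return "".join(f'<span class="tag">{t}</span>' for t in tags)


def render_tags_safe(tags):
    """Escapes each label so it is displayed as text, never parsed as markup."""
    return "".join(
        f'<span class="tag">{html.escape(t, quote=True)}</span>' for t in tags
    )


def session_cookie_problems(set_cookie_header, name="sessionid"):
    """Reports which hardening flags a Set-Cookie header lacks.

    HttpOnly keeps document.cookie from exposing the session to injected
    script, Secure keeps it off plaintext HTTP, and SameSite=Lax/Strict
    limits its reuse in cross-site requests."""
    cookie = SimpleCookie()
    cookie.load(set_cookie_header)
    if name not in cookie:
        return [f"no cookie named {name}"]
    morsel = cookie[name]  # flags read back as True when present, "" otherwise
    problems = []
    if not morsel["httponly"]:
        problems.append("missing HttpOnly")
    if not morsel["secure"]:
        problems.append("missing Secure")
    if morsel["samesite"].lower() not in ("lax", "strict"):
        problems.append("SameSite not Lax/Strict")
    return problems


if __name__ == "__main__":
    print(render_tags_unsafe(SAMPLE_TAGS))
    print(render_tags_safe(SAMPLE_TAGS))
    print(session_cookie_problems("sessionid=abc123; Path=/"))
    print(session_cookie_problems(
        "sessionid=abc123; Path=/; HttpOnly; Secure; SameSite=Lax"))
```

An HttpOnly session cookie does not fix the XSS itself (injected script can still act on the page as the victim), but it removes the cookie-theft path that the advisory describes.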
This Cyber News was published on www.securityweek.com. Publication date: Thu, 09 Feb 2023 15:32:03 +0000