CVE-2023-26435

Name of the Vulnerable Software and Affected Versions LibreOffice (affected versions not specified)

Description The issue is related to insufficient validation of requests on the server side, allowing attackers to access the file system using specially crafted ODT documents. This could enable the discovery of restricted network topology and services, as well as the inclusion of local files with read permissions of the open-xchange system user. The vulnerability is limited to specific file types, such as images. Improved content filters and validators have been implemented to prevent the inclusion of local resources. No publicly available exploits are known.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.