CVE-2025-68917

CVSS Score & Metrics

Base Score

6.4 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N                                    

ONLYOFFICE Docs before 9.2.1 allows XSS in the textarea of the comment editing form. This is related to DocumentServer.

Published Date

December 24, 2025

Last Modified

December 29, 2025

CWE ID

CWE-79

Source

NVD