CVE-2025-68917 | ONLYOFFICE Document Server up to 9.2.0 Comment Editing Form cross site scripting

A vulnerability classified as problematic has been found in ONLYOFFICE Document Server up to 9.2.0. Affected by this vulnerability is an unknown functionality of the component Comment Editing Form. The manipulation leads to cross site scripting.

This vulnerability is listed as CVE-2025-68917. The attack may be initiated remotely. There is no available exploit.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More