Gotenberg Office Rendering Engine Incomplete-Cleanup Vulnerability

Gotenberg Office Rendering Engine Incomplete-Cleanup Vulnerability

CVE-2020-13451 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An incomplete-cleanup vulnerability in the Office rendering engine of Gotenberg through 6.2.1 allows an attacker to overwrite LibreOffice configuration files and execute arbitrary code via macros.

Learn more about our Cis Benchmark Audit For Microsoft Office.