CVE-2022-45179 - How Stored XSS in LIVEBOX vDesk Exposed Users to Credential Theft
In late 2022, a security issue was reported in LIVEBOX Collaboration vDesk up to version v031. The problem is tracked as CVE-2022-45179 and, while it
CVE-2022-45169 - Stealing Clicks with Open Redirect & Push Notification Exploit in LIVEBOX vDesk
In late 2022, security researchers discovered a surprisingly simple but dangerous flaw in the popular enterprise software, LIVEBOX Collaboration vDesk (up to version v031). This
CVE-2022-45177 - Exploiting Observable Response Discrepancy in LIVEBOX Collaboration vDesk (up to v031)
In November 2022, a security vulnerability was identified in LIVEBOX Collaboration vDesk (up to version v031). The issue, tracked as CVE-2022-45177, stems from an Observable
CVE-2022-45173 - Exploiting LIVEBOX Collaboration vDesk 2FA Bypass via Broken API Challenge
In late 2022, a critical vulnerability was discovered in the LIVEBOX Collaboration vDesk product (through version v018), tracked as CVE-2022-45173. This flaw exposes weak points
CVE-2022-45175 - Exploiting LIVEBOX Collaboration vDesk’s Insecure Direct Object Reference to Access Other Users’ OnlyOffice Files
Published: June 2024
[Final Thoughts](#final-thoughts)
1. Introduction
In November 2022, security researchers discovered a critical access control vulnerability in LIVEBOX Collaboration vDesk up to
Episode
00:00:00
00:00:00