CVE-2023-6186

Summary

Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning.

In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning the user.

Affected Software

VendorProductVersion RangeStatus
The Document FoundationLibreOffice7.5 < 7.5.9affected
The Document FoundationLibreOffice7.6 < 7.6.4affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References