Primary

Context

Apache OpenOffice Calc Missing Authorization Vulnerability Allows Unprompted Loading of External Data Sources

Vulnerability

A missing authorization vulnerability in Apache OpenOffice Calc versions through 4.1.15 allows an attacker to create a document that loads links to external data sources without prompting the user. This issue could lead to unauthorized access or manipulation of the linked files.

Impact

Exploitation of this vulnerability could result in external documents being loaded into the spreadsheet application without user consent, potentially leading to unauthorized data access or manipulation.

Remediation

Users are advised to upgrade to Apache OpenOffice version 4.1.16, which addresses this vulnerability. The latest version can be downloaded from the Apache OpenOffice download page.

Added: Nov 12, 2025, 9:18 AM

Updated: Nov 12, 2025, 6:14 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

6.4

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

6.4

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apache OpenOffice Calc Missing Authorization Vulnerability Allows Unprompted Loading of External Data Sources

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating