LibreOffice Calc is the spreadsheet component of the LibreOffice software package. LibreOffice Calc supports a WEBSERVICE function to obtain data by URL. Details: LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via WEBSERVICE calls in a document (CVE-2018-6871), which uses the COM.MICROSOFT.WEBSERVICE function. This feature is available in Microsoft … Continue reading “LibreOffice Remote Arbitrary File Disclosure Vulnerability via WEBSERVICE Function”