Headline
CVE-2022-24229: GitHub - ONLYOFFICE/DocumentServer: ONLYOFFICE Document Server is an online office suite comprising viewers and editors for texts, spreadsheets and presentations, fully compatible with Office Open XML
A cross-site scripting (XSS) vulnerability in ONLYOFFICE Document Server Example before v7.0.0 allows remote attackers inject arbitrary HTML or JavaScript through /example/editor.
Overview
ONLYOFFICE Document Server is a free collaborative online office suite comprising viewers and editors for texts, spreadsheets and presentations, fully compatible with Office Open XML formats: .docx, .xlsx, .pptx and enabling collaborative editing in real time.
Starting from version 6.0, Document Server is distributed under a new name - ONLYOFFICE Docs.
ONLYOFFICE Docs can be used as a part of ONLYOFFICE Workspace or with third-party sync&share solutions (e.g. Nextcloud, ownCloud, Seafile) to enable collaborative editing within their interface.
It has three editions - Community, Enterprise, and Developer.
Components
ONLYOFFICE Document Server contains the following components:
- server - the backend server software layer which is the base for all other components of ONLYOFFICE Document Server.
- core - server core components of ONLYOFFICE Document Server which enable the conversion between the most popular office document formats (DOC, DOCX, ODT, RTF, TXT, PDF, HTML, EPUB, XPS, DjVu, XLS, XLSX, ODS, CSV, PPT, PPTX, ODP).
- sdkjs - JavaScript SDK for the ONLYOFFICE Document Server which contains API for all the included components client-side interaction.
- web-apps - the frontend for ONLYOFFICE Document Server which builds the program interface and allows the user create, edit, save and export text, spreadsheet and presentation documents using the common interface of a document editor.
- dictionaries - the dictionaries of various languages used for spellchecking in ONLYOFFICE Document Server.
- sdkjs-plugins - the add-ons for ONLYOFFICE Document Server used for the developers to add specific functions to the editors which are not directly related to the OOXML format.
Functionality
ONLYOFFICE Document Server includes the following editors:
- ONLYOFFICE Document Editor
- ONLYOFFICE Spreadsheet Editor
- ONLYOFFICE Presentation Editor
The editors allow you to create, edit, save and export text, spreadsheet and presentation documents and additionally have the features:
- Collaborative editing
- Hieroglyph support
- Reviewing
- Spell-checking
ONLYOFFICE Document Server editions
ONLYOFFICE offers different versions of its online document editors that can be deployed on your own servers.
ONLYOFFICE Docs (packaged as Document Server):
- Community Edition (
onlyoffice-documentserverpackage) - Enterprise Edition (
onlyoffice-documentserver-eepackage) - Developer Edition (
onlyoffice-documentserver-depackage)
The table below will help you to make the right choice.
Pricing and licensing
Community Edition
Enterprise Edition
Developer Edition
Get it now
Start Free Trial
Start Free Trial
Cost
FREE
Go to the pricing page
Go to the pricing page
Simultaneous connections
up to 20 maximum
As in chosen pricing plan
As in chosen pricing plan
Number of users
up to 20 recommended
As in chosen pricing plan
As in chosen pricing plan
Clusterization
-
License
GNU AGPL v.3
Proprietary
Proprietary
Support
Community Edition
Enterprise Edition
Developer Edition
Documentation
Help Center
Help Center
Help Center
Standard support
GitHub or paid
One year support included
One year support included
Premium support
Contact Us
Contact Us
Contact Us
Services
Community Edition
Enterprise Edition
Developer Edition
Conversion Service
Document Builder Service
Interface
Community Edition
Enterprise Edition
Developer Edition
Tabbed interface
Dark theme
125%, 150%, 175%, 200% scaling
White label
-
-
Integrated test example (node.js)
Mobile web editors
-
+*
+*
Plugins & Macros
Community Edition
Enterprise Edition
Developer Edition
Plugins
Macros
Collaborative capabilities
Community Edition
Enterprise Edition
Developer Edition
Two co-editing modes
Comments
Built-in chat
Review and tracking changes
Display modes of tracking changes
Version history
Document Editor features
Community Edition
Enterprise Edition
Developer Edition
Font and paragraph formatting
Object insertion
Adding Content control
Editing Content control
Layout tools
Table of contents
Navigation panel
Mail Merge
Comparing Documents
Spreadsheet Editor features
Community Edition
Enterprise Edition
Developer Edition
Font and paragraph formatting
Object insertion
Functions, formulas, equations
Table templates
Pivot tables
Data validation
Conditional formatting
Sparklines
Sheet Views
Presentation Editor features
Community Edition
Enterprise Edition
Developer Edition
Font and paragraph formatting
Object insertion
Transitions
Presenter mode
Notes
Form creator features
Community Edition
Enterprise Edition
Developer Edition
Adding form fields
Form preview
Saving as PDF
Security features
Community Edition
Enterprise Edition
Developer Edition
End-to-end encryption via Private Rooms
-
Get it now
Start Free Trial
Start Free Trial
* If supported by DMS
Documentation
The easiest way to install ONLYOFFICE Document Server is to use the Docker image. You can also install it from the repository or compile it from source code. The following documentation is available to the community depending on the way you choose:
- Compiling ONLYOFFICE Document Server for a local server
- Installing ONLYOFFICE Document Server Linux version
- Installing ONLYOFFICE Document Server Windows version
- Installing ONLYOFFICE Document Server Docker version
ONLYOFFICE Workspace
ONLYOFFICE Docs packaged as Document Server is a part of ONLYOFFICE Workspace that also includes ONLYOFFICE Groups packaged as Community Server, Mail Server, Control Panel and Talk (instant messaging app).
It can also be integrated with third-party sync and share solutions.
Project information
Official website: https://www.onlyoffice.com
Code repository: https://github.com/ONLYOFFICE/DocumentServer
Docker Image: https://github.com/ONLYOFFICE/Docker-DocumentServer
License: GNU AGPL v3.0
ONLYOFFICE Docs on official website: https://www.onlyoffice.com/office-suite.aspx
ONLYOFFICE Workspace on official website: https://www.onlyoffice.com/workspace.aspx
List of available integrations: https://www.onlyoffice.com/all-connectors.aspx
User Feedback and Support
If you have any problems with or questions about ONLYOFFICE Document Server, please visit our official forum to find answers to your questions: forum.onlyoffice.com or you can ask and answer ONLYOFFICE development questions on Stack Overflow.