The most severe issue belongs to ONLYOFFICE’s Workspace enterprise app platform. Tracked as CVE-2022-47412, the stored cross-site scripting (XSS) vulnerability is believed to impact versions from 0 through 12.1.0.1760.
Source: cyware.com