is it possible to circunvent the checking of w***/d**.x** to load an o** instead of a docx? if so pm pls!
Finally been able to load an o** file into the converter and it seems like it doesnt use a vulnerable uv, or doesnt use uv at all. In my vm with the --unsafe-quiet-update flag I was getting good results dumping my /etc /passwd. Time to check more xx* ss** but it doesnt look good, I think i entered in a big rabbit hole.
L****e is version 6.0.7 so not vulnerable to webservices and their only vulns are the ones based on py lo that are not gonna work in headless mode.
Looks like I need to go back enumerating web files in order to find that changelog with neccesary info to exploit. Hope the initial hype is over and now I can finish the scans this time in the free server…