Document vulnerability in editors/openoffice-4 < 4.1.8 and openoffice-devel

CVE-2020-13958 Unrestricted actions leads to arbitrary code execution
in crafted documents

A vulnerability in Apache OpenOffice scripting events allows an
attacker to construct documents containing hyperlinks pointing to
an executable on the target users file system. These hyperlinks can
be triggered unconditionally. In fixed versions no internal protocol
may be called from the document event handler and other hyperlinks
require a control-click.

https://www.openoffice.org/security/cves/CVE-2020-13958.html