Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

open-xchange open-xchange server 7.2.0 vulnerabilities and exploits

(subscribe to this query)
3.5
CVSSv2
CVE-2013-5698
Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite and Server prior to 6.22.0 rev16, 6.22.1 before rev19, 7.0.1 before rev7, 7.0.2 before rev11, and 7.2.0 before rev8 allows remote authenticated users to inject arbitrary web script or HTML via a delivery=view actio...
Open-xchange Open-xchange Appsuite 7.0.1Open-xchange Open-xchange Appsuite 7.0.2Open-xchange Open-xchange Server 7.0.1Open-xchange Open-xchange Server 7.0.2Open-xchange Open-xchange Server 6.22.0Open-xchange Open-xchange Appsuite 6.22.0Open-xchange Open-xchange Server 7.2.0Open-xchange Open-xchange Server 6.22.1Open-xchange Open-xchange Appsuite 6.22.1Open-xchange Open-xchange Appsuite 7.2.0
4.3
CVSSv2
CVE-2013-3106
Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite and Server prior to 6.20.7 rev18, 6.22.0 before rev16, 6.22.1 before rev19, 7.0.1 before rev7, 7.0.2 before rev11, and 7.2.0 before rev8 allow remote malicious users to inject arbitrary web script or HTM...
Open-xchange Open-xchange Server 7.0.2Open-xchange Open-xchange Appsuite 6.22.0Open-xchange Open-xchange Server 6.22.0Open-xchange Open-xchange Server 7.0.1Open-xchange Open-xchange Appsuite 6.22.1Open-xchange Open-xchange Appsuite 7.0.1Open-xchange Open-xchange Appsuite 7.0.2Open-xchange Open-xchange Appsuite 7.2.0Open-xchange Open-xchange Server 7.2.0Open-xchange Open-xchange Appsuite 6.20.7Open-xchange Open-xchange Server 6.20.7Open-xchange Open-xchange Server 6.22.1
4.3
CVSSv2
CVE-2014-2392
The E-Mail autoconfiguration feature in Open-Xchange AppSuite prior to 7.2.2-rev20, 7.4.1 prior to 7.4.1-rev11, and 7.4.2 prior to 7.4.2-rev13 places a password in a GET request, which allows remote malicious users to obtain sensitive information by reading (1) web-server access ...
Open-xchange Open-xchange Appsuite 7.4.2Open-xchange Open-xchange Appsuite 7.4.1Open-xchange Open-xchange Appsuite 7.2.1Open-xchange Open-xchange AppsuiteOpen-xchange Open-xchange Appsuite 7.2.0
3.5
CVSSv2
CVE-2013-4790
Open-Xchange AppSuite prior to 7.0.2 rev14, 7.2.0 before rev11, 7.2.1 before rev10, and 7.2.2 before rev9 relies on user-supplied data to predict the IMAP server hostname for an external domain name, which allows remote authenticated users to discover e-mail credentials of other ...
Open-xchange Open-xchange Appsuite 7.0.2Open-xchange Open-xchange Appsuite 7.2.0Open-xchange Open-xchange Appsuite 7.2.1Open-xchange Open-xchange Appsuite 7.2.2
4.3
CVSSv2
CVE-2014-2391
The password recovery service in Open-Xchange AppSuite prior to 7.2.2-rev20, 7.4.1 prior to 7.4.1-rev11, and 7.4.2 prior to 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote ...
Open-xchange Open-xchange Appsuite 7.4.2Open-xchange Open-xchange Appsuite 7.2.1Open-xchange Open-xchange Appsuite 7.2.0Open-xchange Open-xchange AppsuiteOpen-xchange Open-xchange Appsuite 7.4.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook