Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-xchange ox guard vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-26456
Users were able to set an arbitrary "product name" for OX Guard. The chosen value was not sufficiently sanitized before processing it at the user interface, allowing for indirect cross-site scripting attacks. Accounts that were temporarily taken over could be configured...
Open-xchange Ox Guard
Open-xchange Ox Guard 2.10.7
6.1
CVSSv3
CVE-2021-26698
OX App Suite prior to 7.10.3-rev32 and 7.10.4 prior to 7.10.4-rev18 allows XSS via a code snippet (user-generated content) when a sharing link is created and the dl parameter is used.
Open-xchange Open-xchange Appsuite 7.10.3
Open-xchange Open-xchange Appsuite 7.10.4
5.4
CVSSv3
CVE-2021-26699
OX App Suite prior to 7.10.3-rev4 and 7.10.4 prior to 7.10.4-rev4 allows SSRF via a shared SVG document that is mishandled by the imageconverter component when the .png extension is used.
Open-xchange Open-xchange Appsuite 7.10.3
Open-xchange Open-xchange Appsuite 7.10.4
6.1
CVSSv3
CVE-2020-28945
OX App Suite 7.10.4 and previous versions allows XSS via crafted content to reach an undocumented feature, such as ![](http://onerror=Function.constructor, in a Notes item.
Open-xchange Open-xchange Appsuite
7.5
CVSSv3
CVE-2020-28944
OX Guard 2.10.4 and previous versions allows a Denial of Service via a WKS server that responds slowly or with a large amount of data.
Open-xchange Ox Guard
6.5
CVSSv3
CVE-2020-28943
OX App Suite 7.10.4 and previous versions allows SSRF via a snippet.
Open-xchange Open-xchange Appsuite
5.4
CVSSv3
CVE-2020-24700
OX App Suite up to and including 7.10.3 allows SSRF because GET requests are sent to arbitrary domain names with an initial autoconfig. substring.
Open-xchange Open-xchange Appsuite
6.1
CVSSv3
CVE-2020-24701
OX App Suite up to and including 7.10.4 allows XSS via the app loading mechanism (the PATH_INFO to the /appsuite URI).
Open-xchange Open-xchange Appsuite
6.1
CVSSv3
CVE-2020-9426
OX Guard 2.10.3 and previous versions allows XSS.
Open-xchange Ox Guard 2.10.3
5
CVSSv3
CVE-2020-9427
OX Guard 2.10.3 and previous versions allows SSRF.
Open-xchange Ox Guard 2.10.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »