Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-xchange ox guard vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-10986
OX Guard 2.8.0 has CSRF.
Open-xchange Ox Guard 2.8.0
8.8
CVSSv3
CVE-2015-8542
An issue exists in Open-Xchange Guard prior to 2.2.0-rev8. The "getprivkeybyid" API call is used to download a PGP Private Key for a specific user after providing authentication credentials. Clients provide the "id" and "cid" parameter to specify the...
Open-xchange Ox Guard
8.1
CVSSv3
CVE-2019-11521
OX App Suite 7.10.1 allows Content Spoofing.
Open-xchange Open-xchange Appsuite 7.10.1
7.5
CVSSv3
CVE-2020-28944
OX Guard 2.10.4 and previous versions allows a Denial of Service via a WKS server that responds slowly or with a large amount of data.
Open-xchange Ox Guard
7.5
CVSSv3
CVE-2016-4028
An issue exists in Open-Xchange OX Guard prior to 2.4.0-rev8. OX Guard uses an authentication token to identify and transfer guest users' credentials. The OX Guard API acts as a padding oracle by responding with different error codes depending on whether the provided token m...
Open-xchange Ox Guard
6.5
CVSSv3
CVE-2020-28943
OX App Suite 7.10.4 and previous versions allows SSRF via a snippet.
Open-xchange Open-xchange Appsuite
6.1
CVSSv3
CVE-2021-26698
OX App Suite prior to 7.10.3-rev32 and 7.10.4 prior to 7.10.4-rev18 allows XSS via a code snippet (user-generated content) when a sharing link is created and the dl parameter is used.
Open-xchange Open-xchange Appsuite 7.10.3
Open-xchange Open-xchange Appsuite 7.10.4
6.1
CVSSv3
CVE-2020-28945
OX App Suite 7.10.4 and previous versions allows XSS via crafted content to reach an undocumented feature, such as ![](http://onerror=Function.constructor, in a Notes item.
Open-xchange Open-xchange Appsuite
6.1
CVSSv3
CVE-2020-24701
OX App Suite up to and including 7.10.4 allows XSS via the app loading mechanism (the PATH_INFO to the /appsuite URI).
Open-xchange Open-xchange Appsuite
6.1
CVSSv3
CVE-2020-9426
OX Guard 2.10.3 and previous versions allows XSS.
Open-xchange Ox Guard 2.10.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »