Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-xchange open-xchange appsuite vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-12885
OX Software GmbH App Suite 7.8.4 and previous versions is affected by: Cross Site Scripting (XSS).
Open-xchange Open-xchange Appsuite
4.3
CVSSv3
CVE-2020-12643
OX App Suite 7.10.3 and previous versions has Incorrect Access Control via an /api/subscriptions request for a snippet containing an email address.
Open-xchange Open-xchange Appsuite
5
CVSSv3
CVE-2020-12644
OX App Suite 7.10.3 and previous versions allows SSRF, related to the mail account API and the /folder/list API.
Open-xchange Open-xchange Appsuite
5.4
CVSSv3
CVE-2020-12646
OX App Suite 7.10.3 and previous versions allows XSS via text/x-javascript, text/rdf, or a PDF document.
Open-xchange Open-xchange Appsuite
9.8
CVSSv3
CVE-2017-17060
OX Software GmbH OX App Suite 7.8.4 and previous versions is affected by: Insecure Permissions.
Open-xchange Open-xchange Appsuite
5.4
CVSSv3
CVE-2019-11522
OX App Suite 7.10.0 to 7.10.2 allows XSS.
Open-xchange Open-xchange Appsuite
5.3
CVSSv3
CVE-2017-9809
OX Software GmbH OX App Suite 7.8.4 and previous versions is affected by: Information Exposure.
Open-xchange Open-xchange Appsuite
9.9
CVSSv3
CVE-2017-13667
OX Software GmbH OX App Suite 7.8.4 and previous versions is affected by: SSRF.
Open-xchange Open-xchange Appsuite
5.4
CVSSv3
CVE-2017-13668
OX Software GmbH OX App Suite 7.8.4 and previous versions is affected by: Cross Site Scripting (XSS).
Open-xchange Open-xchange Appsuite
6.1
CVSSv3
CVE-2016-5740
An issue exists in Open-Xchange OX App Suite prior to 7.8.2-rev5. JavaScript code can be used as part of ical attachments within scheduling E-Mails. This content, for example an appointment's location, will be presented to the user at the E-Mail App, depending on the invitat...
Open-xchange Open-xchange Appsuite
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »