Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-xchange ox app suite vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-5740
An issue exists in Open-Xchange OX App Suite prior to 7.8.2-rev5. JavaScript code can be used as part of ical attachments within scheduling E-Mails. This content, for example an appointment's location, will be presented to the user at the E-Mail App, depending on the invitat...
Open-xchange Open-xchange Appsuite
1 EDB exploit
4
CVSSv2
CVE-2018-12609
OX App Suite 7.8.4 and previous versions allows Server-Side Request Forgery.
Open-xchange Open-xchange Appsuite
5
CVSSv2
CVE-2018-12610
OX App Suite 7.8.4 and previous versions allows Information Exposure.
Open-xchange Open-xchange Appsuite
4.3
CVSSv2
CVE-2018-12611
OX App Suite 7.8.4 and previous versions allows Directory Traversal.
Open-xchange Open-xchange Appsuite
5.5
CVSSv2
CVE-2018-13103
OX App Suite 7.8.4 and previous versions allows SSRF.
Open-xchange Open-xchange Appsuite
3.5
CVSSv2
CVE-2018-13104
OX App Suite 7.8.4 and previous versions allows XSS. Internal reference: 58742 (Bug ID)
Open-xchange Open-xchange Appsuite
4.3
CVSSv2
CVE-2016-4048
An issue exists in Open-Xchange OX App Suite prior to 7.8.1-rev11. Custom messages can be shown at the login screen to notify external users about issues with sharing links. This mechanism can be abused to inject arbitrary text messages. Users may get tricked to follow instructio...
Open-xchange Open-xchange Appsuite
8.5
CVSSv2
CVE-2019-16716
OX App Suite up to and including 7.10.2 has Incorrect Access Control.
Open-xchange Open-xchange Appsuite
4.3
CVSSv2
CVE-2019-16717
OX App Suite up to and including 7.10.2 has XSS.
Open-xchange Open-xchange Appsuite
4
CVSSv2
CVE-2016-4047
An issue exists in Open-Xchange OX App Suite prior to 7.8.1-rev8. References to external Open XML document type definitions (.dtd resources) can be placed within .docx and .xslx files. Those resources were requested when parsing certain parts of the generated document. As a resul...
Open-xchange Open-xchange Appsuite
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »