Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-xchange appsuite vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2016-4047
An issue exists in Open-Xchange OX App Suite prior to 7.8.1-rev8. References to external Open XML document type definitions (.dtd resources) can be placed within .docx and .xslx files. Those resources were requested when parsing certain parts of the generated document. As a resul...
Open-xchange Open-xchange Appsuite
5.4
CVSSv3
CVE-2018-13104
OX App Suite 7.8.4 and previous versions allows XSS. Internal reference: 58742 (Bug ID)
Open-xchange Open-xchange Appsuite
5.4
CVSSv3
CVE-2019-11522
OX App Suite 7.10.0 to 7.10.2 allows XSS.
Open-xchange Open-xchange Appsuite
9.8
CVSSv3
CVE-2017-17060
OX Software GmbH OX App Suite 7.8.4 and previous versions is affected by: Insecure Permissions.
Open-xchange Open-xchange Appsuite
5.4
CVSSv3
CVE-2017-17061
OX Software GmbH OX App Suite 7.8.4 and previous versions is affected by: Cross Site Scripting (XSS).
Open-xchange Open-xchange Appsuite
9.8
CVSSv3
CVE-2017-5210
Open-Xchange GmbH OX App Suite 7.8.3 and previous versions is affected by: Information Exposure.
Open-xchange Open-xchange Appsuite
9.9
CVSSv3
CVE-2017-13667
OX Software GmbH OX App Suite 7.8.4 and previous versions is affected by: SSRF.
Open-xchange Open-xchange Appsuite
5.4
CVSSv3
CVE-2017-13668
OX Software GmbH OX App Suite 7.8.4 and previous versions is affected by: Cross Site Scripting (XSS).
Open-xchange Open-xchange Appsuite
5.4
CVSSv3
CVE-2020-24700
OX App Suite up to and including 7.10.3 allows SSRF because GET requests are sent to arbitrary domain names with an initial autoconfig. substring.
Open-xchange Open-xchange Appsuite
6.1
CVSSv3
CVE-2020-24701
OX App Suite up to and including 7.10.4 allows XSS via the app loading mechanism (the PATH_INFO to the /appsuite URI).
Open-xchange Open-xchange Appsuite
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »