Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-xchange open-xchange appsuite 7.10.4 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-23932
OX App Suite up to and including 7.10.4 allows XSS via an inline image with a crafted filename.
Open-xchange Open-xchange Appsuite
6.1
CVSSv3
CVE-2021-23930
OX App Suite up to and including 7.10.4 allows XSS via use of the conversion API for a distributedFile.
Open-xchange Open-xchange Appsuite
6.1
CVSSv3
CVE-2021-23933
OX App Suite up to and including 7.10.4 allows XSS via JavaScript in a Note referenced by a mail:// URL.
Open-xchange Open-xchange Appsuite
6.1
CVSSv3
CVE-2021-23935
OX App Suite up to and including 7.10.4 allows XSS via an appointment in which the location contains JavaScript code.
Open-xchange Open-xchange Appsuite
6.4
CVSSv3
CVE-2021-23927
OX App Suite up to and including 7.10.4 allows SSRF via a URL with an @ character in an appsuite/api/oauth/proxy PUT request.
Open-xchange Open-xchange Appsuite
5.4
CVSSv3
CVE-2020-24700
OX App Suite up to and including 7.10.3 allows SSRF because GET requests are sent to arbitrary domain names with an initial autoconfig. substring.
Open-xchange Open-xchange Appsuite
6.1
CVSSv3
CVE-2021-23929
OX App Suite up to and including 7.10.4 allows XSS via a crafted Content-Disposition header in an uploaded HTML document to an ajax/share/<share-token>?delivery=view URI.
Open-xchange Open-xchange Appsuite
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2