Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-xchange open-xchange appsuite vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-29853
OX App Suite up to and including 8.2 allows XSS via a certain complex hierarchy that forces use of Show Entire Message for a huge HTML e-mail message.
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.10.5
Open-xchange Open-xchange Appsuite 7.10.6
Open-xchange Open-xchange Appsuite 8.2
356
VMScore
CVE-2020-8544
OX App Suite up to and including 7.10.3 allows SSRF.
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.10.1
Open-xchange Open-xchange Appsuite 7.10.2
Open-xchange Open-xchange Appsuite 7.10.3
445
VMScore
CVE-2020-8543
OX App Suite up to and including 7.10.3 has Improper Input Validation.
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.10.1
Open-xchange Open-xchange Appsuite 7.10.2
Open-xchange Open-xchange Appsuite 7.10.3
312
VMScore
CVE-2013-4790
Open-Xchange AppSuite prior to 7.0.2 rev14, 7.2.0 before rev11, 7.2.1 before rev10, and 7.2.2 before rev9 relies on user-supplied data to predict the IMAP server hostname for an external domain name, which allows remote authenticated users to discover e-mail credentials of other ...
Open-xchange Open-xchange Appsuite 7.0.2
Open-xchange Open-xchange Appsuite 7.2.0
Open-xchange Open-xchange Appsuite 7.2.1
Open-xchange Open-xchange Appsuite 7.2.2
668
VMScore
CVE-2013-5200
The (1) REST and (2) memcache interfaces in the Hazelcast cluster API in Open-Xchange AppSuite 7.0.x prior to 7.0.2-rev15 and 7.2.x prior to 7.2.2-rev16 do not require authentication, which allows remote malicious users to obtain sensitive information or modify data via an API ca...
Open-xchange Open-xchange Appsuite 7.0.2
Open-xchange Open-xchange Appsuite 7.2.1
Open-xchange Open-xchange Appsuite 7.2.0
Open-xchange Open-xchange Appsuite 7.0.1
383
VMScore
CVE-2013-5935
The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x prior to 7.0.2-rev15 and 7.2.x prior to 7.2.2-rev16 does not properly restrict the set of network interfaces that can receive API calls, which makes it easier for remote malicious users to obtain access by sending network t...
Open-xchange Open-xchange Appsuite 7.0.1
Open-xchange Open-xchange Appsuite 7.0.2
Open-xchange Open-xchange Appsuite 7.2.1
Open-xchange Open-xchange Appsuite 7.2.0
383
VMScore
CVE-2013-5936
The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x prior to 7.0.2-rev15 and 7.2.x prior to 7.2.2-rev16 allows remote malicious users to obtain sensitive information about (1) runtime activity, (2) network configuration, (3) user sessions, (4) the memcache interface, and (5)...
Open-xchange Open-xchange Appsuite 7.2.1
Open-xchange Open-xchange Appsuite 7.0.1
Open-xchange Open-xchange Appsuite 7.0.2
Open-xchange Open-xchange Appsuite 7.2.0
383
VMScore
CVE-2013-6242
Cross-site scripting (XSS) vulnerability in the frontend in Open-Xchange (OX) AppSuite 6.22.3 prior to 6.22.3-rev5 and 6.22.4 prior to 6.22.4-rev12 allows remote malicious users to inject arbitrary web script or HTML via the subject of an email. NOTE: the vulnerabilities related ...
Open-xchange Open-xchange Appsuite 6.22.3
Open-xchange Open-xchange Appsuite 6.22.4
Open-xchange Open-xchange Appsuite 7.2.2
Open-xchange Open-xchange Appsuite 7.4.0
356
VMScore
CVE-2013-5934
Open-Xchange AppSuite 7.0.x prior to 7.0.2-rev15 and 7.2.x prior to 7.2.2-rev16 has a hardcoded password for node join operations, which allows remote malicious users to expand a cluster by finding this password in the source code and then sending the password in a Hazelcast clus...
Open-xchange Open-xchange Appsuite 7.0.2
Open-xchange Open-xchange Appsuite 7.2.1
Open-xchange Open-xchange Appsuite 7.2.0
Open-xchange Open-xchange Appsuite 7.0.1
383
VMScore
CVE-2013-6074
Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite 7.2.x prior to 7.2.2-rev25 and 7.4.x prior to 7.4.0-rev14 allows remote malicious users to inject arbitrary web script or HTML via an attached SVG file.
Open-xchange Open-xchange Appsuite 7.4.0
Open-xchange Open-xchange Appsuite 7.2.0
Open-xchange Open-xchange Appsuite 7.2.1
Open-xchange Open-xchange Appsuite 7.2.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »