Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-xchange ox app suite vulnerabilities and exploits
(subscribe to this query)
516
VMScore
CVE-2021-33488
chat in OX App Suite 7.10.5 has Improper Input Validation. A user can be redirected to a rogue OX Chat server via a development-related hook.
Open-xchange Ox App Suite
383
VMScore
CVE-2021-33490
OX App Suite up to and including 7.10.5 allows XSS via a crafted snippet in a shared mail signature.
Open-xchange Ox App Suite
356
VMScore
CVE-2021-33491
OX App Suite up to and including 7.10.5 allows Directory Traversal via ../ in an OOXML or ODF ZIP archive, because of the mishandling of relative paths in mail addresses in conjunction with auto-configuration DNS records.
Open-xchange Ox App Suite
320
VMScore
CVE-2021-33493
The middleware component in OX App Suite up to and including 7.10.5 allows Code Injection via Java classes in a YAML format.
Open-xchange Ox App Suite
383
VMScore
CVE-2021-44208
OX App Suite up to and including 7.10.5 allows XSS via an unknown system message in Chat.
Open-xchange Ox App Suite
383
VMScore
CVE-2021-44209
OX App Suite up to and including 7.10.5 allows XSS via an HTML 5 element such as AUDIO.
Open-xchange Ox App Suite
383
VMScore
CVE-2021-44210
OX App Suite up to and including 7.10.5 allows XSS via NIFF (Notation Interchange File Format) data.
Open-xchange Ox App Suite
312
VMScore
CVE-2021-44211
OX App Suite up to and including 7.10.5 allows XSS via the class attribute of an element in an HTML e-mail signature.
Open-xchange Ox App Suite
383
VMScore
CVE-2021-44212
OX App Suite up to and including 7.10.5 allows XSS via a trailing control character such as the SCRIPT\t substring.
Open-xchange Ox App Suite
383
VMScore
CVE-2021-44213
OX App Suite up to and including 7.10.5 allows XSS via uuencoding in a multipart/alternative message.
Open-xchange Ox App Suite
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »