Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-xchange ox app suite vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2021-38378
OX App Suite 7.10.5 allows Information Exposure because a caching mechanism can caused a Modified By response to show a person's name.
Open-xchange Ox App Suite
NA
CVE-2023-29052
Users were able to define disclaimer texts for an upsell shop dialog that would contain script code that was not sanitized correctly. Attackers could lure victims to user accounts with malicious script code and make them execute it in the context of a trusted domain. We added san...
Open-xchange Ox App Suite 7.10.6
4.3
CVSSv2
CVE-2021-33494
OX App Suite 7.10.5 allows XSS via an OX Chat room title during typing rendering.
Open-xchange Ox App Suite 7.10.5
4.3
CVSSv2
CVE-2021-33495
OX App Suite 7.10.5 allows XSS via an OX Chat system message.
Open-xchange Ox App Suite 7.10.5
4.3
CVSSv2
CVE-2021-33492
OX App Suite 7.10.5 allows XSS via an OX Chat room name.
Open-xchange Ox App Suite 7.10.5
4.3
CVSSv2
CVE-2014-5237
Server-side request forgery (SSRF) vulnerability in the documentconverter component in Open-Xchange (OX) AppSuite prior to 7.4.2-rev10 and 7.6.x prior to 7.6.0-rev10 allows remote malicious users to trigger requests to arbitrary servers and embed arbitrary images via a URL in an ...
Open-xchange App Suite 7.4.2
Open-xchange App Suite 7.6.0
NA
CVE-2022-23099
OX App Suite up to and including 7.10.6 allows XSS by forcing block-wise read.
Open-xchange App Suite
3.5
CVSSv2
CVE-2016-4028
An issue exists in Open-Xchange OX Guard prior to 2.4.0-rev8. OX Guard uses an authentication token to identify and transfer guest users' credentials. The OX Guard API acts as a padding oracle by responding with different error codes depending on whether the provided token m...
Open-xchange Ox Guard
5
CVSSv2
CVE-2020-28944
OX Guard 2.10.4 and previous versions allows a Denial of Service via a WKS server that responds slowly or with a large amount of data.
Open-xchange Ox Guard
4
CVSSv2
CVE-2017-17062
The backend component in Open-Xchange OX App Suite prior to 7.6.3-rev35, 7.8.x prior to 7.8.2-rev38, 7.8.3 prior to 7.8.3-rev41, and 7.8.4 prior to 7.8.4-rev19 allows remote authenticated users to save arbitrary user attributes by leveraging improper privilege management.
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite 7.8.0
Open-xchange Open-xchange Appsuite 7.6.3
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.8.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »