Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-xchange ox app suite vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-23101
OX App Suite up to and including 7.10.6 allows XSS via appHandler in a deep link in an e-mail message.
Open-xchange Ox App Suite
5.4
CVSSv3
CVE-2023-29052
Users were able to define disclaimer texts for an upsell shop dialog that would contain script code that was not sanitized correctly. Attackers could lure victims to user accounts with malicious script code and make them execute it in the context of a trusted domain. We added san...
Open-xchange Ox App Suite 7.10.6
6.1
CVSSv3
CVE-2021-33492
OX App Suite 7.10.5 allows XSS via an OX Chat room name.
Open-xchange Ox App Suite 7.10.5
6.1
CVSSv3
CVE-2021-33494
OX App Suite 7.10.5 allows XSS via an OX Chat room title during typing rendering.
Open-xchange Ox App Suite 7.10.5
6.1
CVSSv3
CVE-2021-33495
OX App Suite 7.10.5 allows XSS via an OX Chat system message.
Open-xchange Ox App Suite 7.10.5
NA
CVE-2014-5237
Server-side request forgery (SSRF) vulnerability in the documentconverter component in Open-Xchange (OX) AppSuite prior to 7.4.2-rev10 and 7.6.x prior to 7.6.0-rev10 allows remote malicious users to trigger requests to arbitrary servers and embed arbitrary images via a URL in an ...
Open-xchange App Suite 7.4.2
Open-xchange App Suite 7.6.0
5.4
CVSSv3
CVE-2022-23099
OX App Suite up to and including 7.10.6 allows XSS by forcing block-wise read.
Open-xchange App Suite
7.5
CVSSv3
CVE-2016-4028
An issue exists in Open-Xchange OX Guard prior to 2.4.0-rev8. OX Guard uses an authentication token to identify and transfer guest users' credentials. The OX Guard API acts as a padding oracle by responding with different error codes depending on whether the provided token m...
Open-xchange Ox Guard
7.5
CVSSv3
CVE-2020-28944
OX Guard 2.10.4 and previous versions allows a Denial of Service via a WKS server that responds slowly or with a large amount of data.
Open-xchange Ox Guard
6.5
CVSSv3
CVE-2017-17062
The backend component in Open-Xchange OX App Suite prior to 7.6.3-rev35, 7.8.x prior to 7.8.2-rev38, 7.8.3 prior to 7.8.3-rev41, and 7.8.4 prior to 7.8.4-rev19 allows remote authenticated users to save arbitrary user attributes by leveraging improper privilege management.
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite 7.8.0
Open-xchange Open-xchange Appsuite 7.6.3
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.8.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »