Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
open-xchange ox app suite vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-33489
OX App Suite up to and including 7.10.5 allows XSS via JavaScript code in a shared XCF file.
Open-xchange Ox App Suite
5.4
CVSSv3
CVE-2023-29052
Users were able to define disclaimer texts for an upsell shop dialog that would contain script code that was not sanitized correctly. Attackers could lure victims to user accounts with malicious script code and make them execute it in the context of a trusted domain. We added san...
Open-xchange Ox App Suite 7.10.6
6.1
CVSSv3
CVE-2021-33495
OX App Suite 7.10.5 allows XSS via an OX Chat system message.
Open-xchange Ox App Suite 7.10.5
6.1
CVSSv3
CVE-2021-33492
OX App Suite 7.10.5 allows XSS via an OX Chat room name.
Open-xchange Ox App Suite 7.10.5
6.1
CVSSv3
CVE-2021-33494
OX App Suite 7.10.5 allows XSS via an OX Chat room title during typing rendering.
Open-xchange Ox App Suite 7.10.5
NA
CVE-2014-5237
Server-side request forgery (SSRF) vulnerability in the documentconverter component in Open-Xchange (OX) AppSuite prior to 7.4.2-rev10 and 7.6.x prior to 7.6.0-rev10 allows remote malicious users to trigger requests to arbitrary servers and embed arbitrary images via a URL in an ...
Open-xchange App Suite 7.4.2
Open-xchange App Suite 7.6.0
5.4
CVSSv3
CVE-2022-23099
OX App Suite up to and including 7.10.6 allows XSS by forcing block-wise read.
Open-xchange App Suite
7.5
CVSSv3
CVE-2016-4028
An issue exists in Open-Xchange OX Guard prior to 2.4.0-rev8. OX Guard uses an authentication token to identify and transfer guest users' credentials. The OX Guard API acts as a padding oracle by responding with different error codes depending on whether the provided token m...
Open-xchange Ox Guard
7.5
CVSSv3
CVE-2020-28944
OX Guard 2.10.4 and previous versions allows a Denial of Service via a WKS server that responds slowly or with a large amount of data.
Open-xchange Ox Guard
6.5
CVSSv3
CVE-2018-5751
The backend component in Open-Xchange OX App Suite prior to 7.6.3-rev36, 7.8.x prior to 7.8.2-rev39, 7.8.3 prior to 7.8.3-rev44, and 7.8.4 prior to 7.8.4-rev22 allows remote authenticated users to obtain sensitive information about external guest users via vectors related to the ...
Open-xchange Open-xchange Appsuite 7.8.4
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite 7.6.3
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.8.2
Open-xchange Open-xchange Appsuite 7.8.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »