Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
martin heiland vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-37309
OX App Suite up to and including 7.10.6 allows XSS via script code within a contact that has an e-mail address but lacks a name.
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.10.5
Open-xchange Open-xchange Appsuite 7.10.6
NA
CVE-2022-37310
OX App Suite up to and including 7.10.6 allows XSS via a malicious capability to the metrics or help module, as demonstrated by a /#!!&app=io.ox/files&cap= URI.
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.10.5
Open-xchange Open-xchange Appsuite 7.10.6
NA
CVE-2022-37308
OX App Suite up to and including 7.10.6 allows XSS via HTML in text/plain e-mail messages.
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.10.5
Open-xchange Open-xchange Appsuite 7.10.6
NA
CVE-2022-31469
OX App Suite up to and including 7.10.6 allows XSS via a deep link, as demonstrated by class="deep-link-app" for a /#!!&app=%2e./ URI.
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.10.5
Open-xchange Open-xchange Appsuite 7.10.6
NA
CVE-2022-37307
OX App Suite up to and including 7.10.6 allows XSS via XHTML CDATA for a snippet, as demonstrated by the onerror attribute of an IMG element within an e-mail signature.
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.10.5
Open-xchange Open-xchange Appsuite 7.10.6
NA
CVE-2022-37311
OX App Suite up to and including 7.10.6 has Uncontrolled Resource Consumption via a large location request parameter to the redirect servlet.
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.10.5
Open-xchange Open-xchange Appsuite 7.10.6
NA
CVE-2022-37312
OX App Suite up to and including 7.10.6 has Uncontrolled Resource Consumption via a large request body containing a redirect URL to the deferrer servlet.
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.10.5
Open-xchange Open-xchange Appsuite 7.10.6
NA
CVE-2022-37313
OX App Suite up to and including 7.10.6 allows SSRF because the anti-SSRF protection mechanism only checks the first DNS AA or AAAA record.
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.10.5
Open-xchange Open-xchange Appsuite 7.10.6
4.3
CVSSv2
CVE-2021-44212
OX App Suite up to and including 7.10.5 allows XSS via a trailing control character such as the SCRIPT\t substring.
Open-xchange Ox App Suite
4.3
CVSSv2
CVE-2021-44213
OX App Suite up to and including 7.10.5 allows XSS via uuencoding in a multipart/alternative message.
Open-xchange Ox App Suite
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »