Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ox guard vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2020-9427
OX Guard 2.10.3 and previous versions allows SSRF.
Open-xchange Ox Guard 2.10.3
6.8
CVSSv2
CVE-2018-10986
OX Guard 2.8.0 has CSRF.
Open-xchange Ox Guard 2.8.0
5.8
CVSSv2
CVE-2021-26699
OX App Suite prior to 7.10.3-rev4 and 7.10.4 prior to 7.10.4-rev4 allows SSRF via a shared SVG document that is mishandled by the imageconverter component when the .png extension is used.
Open-xchange Open-xchange Appsuite 7.10.3
Open-xchange Open-xchange Appsuite 7.10.4
4.3
CVSSv2
CVE-2021-26698
OX App Suite prior to 7.10.3-rev32 and 7.10.4 prior to 7.10.4-rev18 allows XSS via a code snippet (user-generated content) when a sharing link is created and the dl parameter is used.
Open-xchange Open-xchange Appsuite 7.10.3
Open-xchange Open-xchange Appsuite 7.10.4
5.5
CVSSv2
CVE-2020-24700
OX App Suite up to and including 7.10.3 allows SSRF because GET requests are sent to arbitrary domain names with an initial autoconfig. substring.
Open-xchange Open-xchange Appsuite
4.3
CVSSv2
CVE-2020-24701
OX App Suite up to and including 7.10.4 allows XSS via the app loading mechanism (the PATH_INFO to the /appsuite URI).
Open-xchange Open-xchange Appsuite
4.3
CVSSv2
CVE-2020-28945
OX App Suite 7.10.4 and previous versions allows XSS via crafted content to reach an undocumented feature, such as ![](http://onerror=Function.constructor, in a Notes item.
Open-xchange Open-xchange Appsuite
4
CVSSv2
CVE-2020-28943
OX App Suite 7.10.4 and previous versions allows SSRF via a snippet.
Open-xchange Open-xchange Appsuite
4.3
CVSSv2
CVE-2018-9997
Cross-site scripting (XSS) vulnerability in mail compose in Open-Xchange OX App Suite prior to 7.6.3-rev31, 7.8.x prior to 7.8.2-rev31, 7.8.3 prior to 7.8.3-rev41, and 7.8.4 prior to 7.8.4-rev28 allows remote malicious users to inject arbitrary web script or HTML via the data-tar...
Open-xchange Open-xchange Appsuite
Open-xchange Open-xchange Appsuite 7.6.3
Open-xchange Open-xchange Appsuite 7.8.0
Open-xchange Open-xchange Appsuite 7.8.2
Open-xchange Open-xchange Appsuite 7.8.3
Open-xchange Open-xchange Appsuite 7.8.4
5.8
CVSSv2
CVE-2019-11521
OX App Suite 7.10.1 allows Content Spoofing.
Open-xchange Open-xchange Appsuite 7.10.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2