Cross-site scripting (XSS) vulnerability in webmail in Open-Xchange 0.8.1-6 and previous versions, with "Inline HTML" enabled, allows remote malicious users to inject arbitrary web script or HTML via e-mail attachments, which are rendered inline.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
open-xchange open-xchange |