Cross-site scripting (XSS) vulnerability in the frontend in Open-Xchange (OX) AppSuite 6.22.3 prior to 6.22.3-rev5 and 6.22.4 prior to 6.22.4-rev12 allows remote malicious users to inject arbitrary web script or HTML via the subject of an email. NOTE: the vulnerabilities related to the body of the email and the publication name were SPLIT from this CVE ID because they affect different sets of versions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
open-xchange open-xchange appsuite 7.2.2 |
||
open-xchange open-xchange appsuite 7.4.0 |
||
open-xchange open-xchange appsuite 6.22.3 |
||
open-xchange open-xchange appsuite 6.22.4 |