Cross-site scripting (XSS) vulnerability in the frontend in Open-Xchange (OX) AppSuite 7.4.1 prior to 7.4.1-rev10 and 7.4.2 prior to 7.4.2-rev8 allows remote malicious users to inject arbitrary web script or HTML via the subject of an email, involving 'the aria "tags" for screenreaders at the top bar'.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
open-xchange open-xchange appsuite 7.4.2 |
||
open-xchange open-xchange appsuite 7.4.1 |