Details about CVE-2017-6913 - Stored XSS in open-xchange's webmail
CVE-2017-6913 This is a vulnerability I found in open-xchange OX App Suite's webmail (wwwopen-xchangecom/) a while back Vulnerability details The webmail was vulnerable to a stored XSS when opening an email, due to the event attributes of the HTML time tag not being properly filtered Consequently, embedded HTML code such as the one that follows could run JavaSc