OX App Suite up to and including 7.10.3 allows XSS via the ajax/apps/manifests query string.
open-xchange open-xchange appsuite