Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.1
CVSSv3

CVE-2022-37310

Published: 26/12/2022 Updated: 03/01/2023
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Open-xchange

Vulnerability Summary

OX App Suite up to and including 7.10.6 allows XSS via a malicious capability to the metrics or help module, as demonstrated by a /#!!&app=io.ox/files&cap= URI.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

open-xchange open-xchange appsuite

open-xchange open-xchange appsuite 7.10.5

open-xchange open-xchange appsuite 7.10.6

Exploits

Exploit DB: OX App Suite 7.10.6 Cross Site Scripting / SSRF / Resource Consumption
OX App Suite versions 7106 and below suffer from cross site scripting, server-side request forgery, and resource exhaustion vulnerabilities ...

References

CWE-79https://seclists.org/fulldisclosure/2022/Nov/18https://open-xchange.comhttps://nvd.nist.govhttps://packetstormsecurity.com/files/170064/OX-App-Suite-7.10.6-Cross-Site-Scripting-SSRF-Resource-Consumption.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook