Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 08/04/2024 Updated: 11/04/2024

Upsell advertisement information of an account can be manipulated to execute script code in the context of the users browser session. To exploit this an attacker would require temporary access to a users account or an successful social engineering attack to lure users to maliciously configured accounts. Attackers could perform malicious API requests or extract information from the users account. Please deploy the provided updates and patch releases. Sanitization of user-defined upsell content has been improved. No publicly available exploits are known.

Full Disclosure mailing list archives   By Date By Thread </form>    OXAS-ADV-2024-0001: OX App Suite Security Advisory   From: Martin ...

https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2024/oxas-adv-2024-0001.json https://documentation.open-xchange.com/appsuite/releases/8.21/https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6268_7.10.6_2024-02-08.pdf https://documentation.open-xchange.com/appsuite/releases/8.22/https://nvd.nist.gov https://seclists.org/fulldisclosure/2024/Apr/18

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2024-23191

Vulnerability Summary

Mailing Lists

References

Vulmon Search

About

Products

Connect