Lucene search
MitreCVE-2022-37306HistoryApr 16, 2023 - 2:15 a.m.
CVE-2022-37306
2023-04-1602:15:08
CWE-79
mitre
web.nvd.nist.gov
22
cve-2022-37306
ox app suite
xss
vulnerability
security
upsell trigger
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
49.4%
OX App Suite before 7.10.6-rev30 allows XSS via an upsell trigger.
Affected configurations
Node
open-xchangeox_app_suiteRange<7.10.6
ORopen-xchangeox_app_suiteMatch7.10.6-
ORopen-xchangeox_app_suiteMatch7.10.6rev01
ORopen-xchangeox_app_suiteMatch7.10.6rev02
ORopen-xchangeox_app_suiteMatch7.10.6rev03
ORopen-xchangeox_app_suiteMatch7.10.6rev04
ORopen-xchangeox_app_suiteMatch7.10.6rev05
ORopen-xchangeox_app_suiteMatch7.10.6rev06
ORopen-xchangeox_app_suiteMatch7.10.6rev07
ORopen-xchangeox_app_suiteMatch7.10.6rev08
ORopen-xchangeox_app_suiteMatch7.10.6rev09
ORopen-xchangeox_app_suiteMatch7.10.6rev10
ORopen-xchangeox_app_suiteMatch7.10.6rev11
ORopen-xchangeox_app_suiteMatch7.10.6rev12
ORopen-xchangeox_app_suiteMatch7.10.6rev13
ORopen-xchangeox_app_suiteMatch7.10.6rev14
ORopen-xchangeox_app_suiteMatch7.10.6rev15
ORopen-xchangeox_app_suiteMatch7.10.6rev16
ORopen-xchangeox_app_suiteMatch7.10.6rev17
ORopen-xchangeox_app_suiteMatch7.10.6rev18
ORopen-xchangeox_app_suiteMatch7.10.6rev19
ORopen-xchangeox_app_suiteMatch7.10.6rev20
ORopen-xchangeox_app_suiteMatch7.10.6rev21
ORopen-xchangeox_app_suiteMatch7.10.6rev22
ORopen-xchangeox_app_suiteMatch7.10.6rev23
ORopen-xchangeox_app_suiteMatch7.10.6rev24
ORopen-xchangeox_app_suiteMatch7.10.6rev25
ORopen-xchangeox_app_suiteMatch7.10.6rev26
ORopen-xchangeox_app_suiteMatch7.10.6rev27
ORopen-xchangeox_app_suiteMatch7.10.6rev28
ORopen-xchangeox_app_suiteMatch7.10.6rev29
| Vendor | Product | Version | CPE |
|---|---|---|---|
| open-xchange | ox_app_suite | * | cpe:2.3:a:open-xchange:ox_app_suite:*:*:*:*:*:*:*:* |
| open-xchange | ox_app_suite | 7.10.6 | cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:-:*:*:*:*:*:* |
| open-xchange | ox_app_suite | 7.10.6 | cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev01:*:*:*:*:*:* |
| open-xchange | ox_app_suite | 7.10.6 | cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev02:*:*:*:*:*:* |
| open-xchange | ox_app_suite | 7.10.6 | cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev03:*:*:*:*:*:* |
| open-xchange | ox_app_suite | 7.10.6 | cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev04:*:*:*:*:*:* |
| open-xchange | ox_app_suite | 7.10.6 | cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev05:*:*:*:*:*:* |
| open-xchange | ox_app_suite | 7.10.6 | cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev06:*:*:*:*:*:* |
| open-xchange | ox_app_suite | 7.10.6 | cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev07:*:*:*:*:*:* |
| open-xchange | ox_app_suite | 7.10.6 | cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev08:*:*:*:*:*:* |
Related
osv
osv
CVE-2022-37306
2023-04-16 02:15:08
prion
prion
Cross site scripting
2023-04-16 02:15:00
nvd
nvd
CVE-2022-37306
2023-04-16 02:15:08
cvelist
cvelist
CVE-2022-37306
2023-04-16 00:00:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
49.4%
Related for CVE-2022-37306