CVE-2013-2583

2013-09-0510:00:00

mitre

www.cve.org

cross-site scripting

open-xchange

remote attackers

arbitrary web script

html

mail signature

image file

AI Score

5.8

Confidence

High

EPSS

0.001

Percentile

47.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite and Server before 6.20.7 rev16, 6.22.0 before rev15, 6.22.1 before rev17, 7.0.1 before rev6, and 7.0.2 before rev7 allow remote attackers to inject arbitrary web script or HTML via (1) a javascript: URL, (2) malformed nested SCRIPT elements, (3) a mail signature, or (4) JavaScript code within an image file.

References

archives.neohapsis.com/archives/bugtraq/2013-04/0183.html