Lucene search
MitreCVELIST:CVE-2016-6853HistoryDec 15, 2016 - 6:31 a.m.
CVE-2016-6853
2016-12-1506:31:00
mitre
www.cve.org
5
An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code and references to external websites can be injected to the names of PGP public keys. When requesting that key later on using a specific URL, such script code might get executed. In case of injecting external websites, users might get lured into a phishing scheme. Malicious script code can be executed within a user’s context. This can lead to session hijacking or triggering unwanted actions via the web interface (sending mail, deleting data etc.).
Related
prion
prion
Design/Logic Flaw
2016-12-15 06:59:00
nvd
nvd
CVE-2016-6853
2016-12-15 06:59:24
cve
cve
CVE-2016-6853
2016-12-15 06:59:24
exploitpack
exploitpack
Open-Xchange Guard 2.4.2 - Multiple Cross-Site Scripting Vulnerabilities
2016-09-13 00:00:00
packetstorm
packetstorm
Open-Xchange Guard 2.4.2 Cross Site Scripting
2016-09-13 00:00:00
zdt
zdt
Open-Xchange Guard 2.4.2 - Multiple Cross Site Scripting
2016-09-13 00:00:00
exploitdb
exploitdb
Open-Xchange Guard 2.4.2 - Multiple Cross-Site Scripting Vulnerabilities
2016-09-13 00:00:00