CVE-2024-23189

🗓️ 08 Apr 2024 09:15:09Reported by [email protected]Type

Embedded content poses script code execution risk, requiring temporary user account access, successful social engineering, or user import of external content. Attackers may perform malicious API requests or extract user information. Update and patch are available

Reporter	Title	Published	Views	Family All 7
CNNVD	Open-Xchange App Suite 跨站脚本漏洞	8 Apr 202400:00	–	cnnvd
CVE	CVE-2024-23189	8 Apr 202408:09	–	cve
Cvelist	CVE-2024-23189	8 Apr 202408:09	–	cvelist
EUVD	EUVD-2024-20708	3 Oct 202520:07	–	euvd
Positive Technologies	PT-2024-19705 · Open Xchange Gmbh · Ox App Suite	8 Apr 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-23189	23 May 202508:44	–	redhatcve
Vulnrichment	CVE-2024-23189	8 Apr 202408:09	–	vulnrichment

Source	Link
documentation	www.documentation.open-xchange.com/appsuite/security/advisories/csaf/2024/oxas-adv-2024-0001.json
seclists	www.seclists.org/fulldisclosure/2024/Apr/18
documentation	www.documentation.open-xchange.com/appsuite/releases/8.22/
documentation	www.documentation.open-xchange.com/appsuite/releases/8.21/
software	www.software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6268_7.10.6_2024-02-08.pdf

15 Apr 2026 00:35Current

5.5Medium risk

Vulners AI Score5.5

CVSS 3.15.4

EPSS0.00531

CWE-79