263 matches found
CVE-2013-7486
Cross-site scripting XSS vulnerability in the backend in Open-Xchange OX AppSuite 7.2.x before 7.2.2-rev27 and 7.4.x before 7.4.0-rev20 allows remote attackers to inject arbitrary web script or HTML via the body of an email. NOTE: this vulnerability was SPLIT from CVE-2013-6242 because it affects...
CVE-2013-7485
Cross-site scripting XSS vulnerability in the backend in Open-Xchange OX AppSuite 7.2.x before 7.2.2-rev26 and 7.4.x before 7.4.0-rev16 allows remote attackers to inject arbitrary web script or HTML via the publication name, which is not properly handled in an error message. NOTE: this...
CVE-2013-7485
CVE-2013-7485 is an XSS in the backend of Open-Xchange AppSuite. Affected: 7.2.x prior to 7.2.2-rev26 and 7.4.x prior to 7.4.0-rev16. Vulnerability arises from improper handling of the publication name in error messages, enabling remote attackers to inject arbitrary script/HTML. Mitigation: apply...
Open-Xchange AppSuite Multiple Security Vulnerabilities
Description Open-Xchange AppSuite is prone to multiple security vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected application. This may let the attacker steal cookie-based authentication...
Open-Xchange (OX) AppSuite Improper Access Control Vulnerability (Bug ID 61315)
Open-Xchange OX AppSuite is prone to an improper access control vulnerability. This VT has been deprecated and replaced by the VT SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Open-Xchange (OX) AppSuite Information Exposure Vulnerability (Bug ID 61771)
Open-Xchange OX AppSuite is prone to an information exposure vulnerability. This VT has been deprecated and replaced by the VT SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Open-Xchange AppSuite Information Disclosure Vulnerability (CNVD-2019-12910)
Open-Xchange AppSuite is a suite of Web-based cloud desktop environments from Open-Xchange USA. The environment allows users to manage email, tasks, files, etc. more intuitively. An information disclosure vulnerability exists in Open-Xchange AppSuite 7.10.1 and prior versions, which arises from...
Open-Xchange AppSuite Access Control Error Vulnerability
Open-Xchange AppSuite is a suite of Web-based cloud desktop environments from Open-Xchange USA. The environment allows users to manage email, tasks, files, etc. more intuitively. An Access Control Error vulnerability exists in Open-Xchange AppSuite 7.10.1 and prior versions, which arises from a...
CVE-2014-2078
The backend in Open-Xchange OX AppSuite 7.4.2 before 7.4.2-rev9 allows remote attackers to obtain sensitive information about user email addresses in opportunistic circumstances by leveraging a failure in e-mail auto configuration for external accounts...
CVE-2014-2078
The backend in Open-Xchange OX AppSuite 7.4.2 before 7.4.2-rev9 allows remote attackers to obtain sensitive information about user email addresses in opportunistic circumstances by leveraging a failure in e-mail auto configuration for external accounts...
Open redirect
The backend in Open-Xchange OX AppSuite 7.4.2 before 7.4.2-rev9 allows remote attackers to obtain sensitive information about user email addresses in opportunistic circumstances by leveraging a failure in e-mail auto configuration for external accounts...
CVE-2014-2078
The backend in Open-Xchange OX AppSuite 7.4.2 before 7.4.2-rev9 allows remote attackers to obtain sensitive information about user email addresses in opportunistic circumstances by leveraging a failure in e-mail auto configuration for external accounts...
CVE-2014-2078
Open-Xchange AppSuite 7.4.2 is affected by CVE-2014-2078. The vulnerability arises when E-Mail auto configuration for external accounts fails, enabling remote attackers to obtain email addresses of other users under opportunistic circumstances. Affected component is the backend in AppSuite; explo...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Open-Xchange Server 6 and OX AppSuite before 7.4.2-rev43, 7.6.0-rev38, and 7.6.1-rev21...
CVE-2015-1588
Multiple cross-site scripting XSS vulnerabilities in Open-Xchange Server 6 and OX AppSuite before 7.4.2-rev43, 7.6.0-rev38, and 7.6.1-rev21...
CVE-2015-1588
Multiple cross-site scripting XSS vulnerabilities in Open-Xchange Server 6 and OX AppSuite before 7.4.2-rev43, 7.6.0-rev38, and 7.6.1-rev21...
CVE-2015-1588
CVE-2015-1588 affects Open-Xchange Server 6 and OX AppSuite. The issue is multiple cross-site scripting (XSS) vulnerabilities caused by insufficient input filtering in the backend/OX AppSuite, enabling execution of crafted script in a user’s browser context and potential session-related issues. A...
CVE-2016-6846
Cross-site scripting XSS vulnerability in Open-Xchange OX AppSuite backend before 7.6.2-rev59, 7.8.0 before 7.8.0-rev38, 7.8.2 before 7.8.2-rev8; AppSuite frontend before 7.6.2-rev47, 7.8.0 before 7.8.0-rev30, and 7.8.2 before 7.8.2-rev8; Office Web before 7.6.2-rev16, 7.8.0 before 7.8.0-rev10, a...
CVE-2016-6846
Cross-site scripting XSS vulnerability in Open-Xchange OX AppSuite backend before 7.6.2-rev59, 7.8.0 before 7.8.0-rev38, 7.8.2 before 7.8.2-rev8; AppSuite frontend before 7.6.2-rev47, 7.8.0 before 7.8.0-rev30, and 7.8.2 before 7.8.2-rev8; Office Web before 7.6.2-rev16, 7.8.0 before 7.8.0-rev10, a...
Cross site scripting
Cross-site scripting XSS vulnerability in Open-Xchange OX AppSuite backend before 7.6.2-rev59, 7.8.0 before 7.8.0-rev38, 7.8.2 before 7.8.2-rev8; AppSuite frontend before 7.6.2-rev47, 7.8.0 before 7.8.0-rev30, and 7.8.2 before 7.8.2-rev8; Office Web before 7.6.2-rev16, 7.8.0 before 7.8.0-rev10, a...