CVE-2021-38374

OX App Suite through through 7.10.5 allows XSS via a crafted snippet that has an app loader reference within an app loader URL...

Open-Xchange OX App Suite 跨站脚本漏洞

Open-Xchange OX App Suite is an e-mail and productivity suite client software from Open-Xchange Germany. A cross-site scripting vulnerability exists in Open-Xchange OX App Suite versions 7.10.5 and below, which stems from deep links in E-Mail e.g., links to Drive files that are not checked for...

CVE-2021-38374

OX App Suite through through 7.10.5 allows XSS via a crafted snippet that has an app loader reference within an app loader URL...

CVE-2021-38374

OX App Suite through through 7.10.5 allows XSS via a crafted snippet that has an app loader reference within an app loader URL...

CVE-2021-38374

OX App Suite (Open-Xchange) suffers a Cross-Site Scripting (XSS) vulnerability in versions up to 7.10.5. The issue arises from the frontend 'app loader' mechanism, which could be abused to load relative URLs outside the intended API path, allowing attackers to inject malicious scripts in a user’s...

CVE-2021-38374

OX App Suite through through 7.10.5 allows XSS via a crafted snippet that has an app loader reference within an app loader URL...

OX App Suite 7.10.5 Cross Site Scripting / Information Disclosure Vulnerability

OX App Suite versions 7.10.5 and below suffer from cross site scripting and information disclosure vulnerabilities. Product: OX App Suite Vendor: OX Software GmbH Internal reference: OXUIB-872 Vulnerability type: Cross-Site Scripting CWE-80 Vulnerable version: 7.10.5 and earlier Vulnerable...

OX App Suite 7.10.5 Cross Site Scripting / Information Disclosure

Product: OX App Suite Vendor: OX Software GmbH Internal reference: OXUIB-872 Vulnerability type: Cross-Site Scripting CWE-80 Vulnerable version: 7.10.5 and earlier Vulnerable component: frontend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 7.10.3-rev30, 7.10.4-rev2...