10 matches found
PT-2023-19699 · Open Xchange · Ox App Suite
Name of the Vulnerable Software and Affected Versions: OX App Suite versions prior to 7.10.6-rev24 Description: The issue allows the loading of an e-mail message's remote resources during printing without user consent. Recommendations: For versions prior to 7.10.6-rev24, update to version...
Open-Xchange OX App Suite 信息泄露漏洞
Open-Xchange OX App Suite is an email and productivity suite client software from Open-Xchange Germany. An information disclosure vulnerability exists in Open-Xchange OX App Suite version 7.10.6-rev23. An attacker could exploit the vulnerability to view user privacy...
CVE-2022-31469
OX App Suite through 7.10.6 allows XSS via a deep link, as demonstrated by class="deep-link-app" for a /!!&app=%2e./ URI...
PT-2022-23918 · Open Xchange · Ox App Suite
Name of the Vulnerable Software and Affected Versions: OX App Suite versions 7.10.6 and earlier Description: The issue allows for XSS via a malicious capability to the metrics or help module. This can be demonstrated by a URI such as "/!!&app=io.ox/files&cap=". Recommendations: For versions 7.10....
PT-2022-20746 · Open Xchange · Ox App Suite
Name of the Vulnerable Software and Affected Versions: OX App Suite versions 7.10.6 and earlier Description: The issue allows for XSS via a deep link, as demonstrated by class="deep-link-app" for a "/!!&app=%2e./" URI. This can be exploited to execute malicious scripts. Recommendations: For OX Ap...
PT-2022-23915 · Open Xchange · Ox App Suite
Name of the Vulnerable Software and Affected Versions: OX App Suite versions 7.10.6 and earlier Description: The issue allows for cross-site scripting XSS attacks via HTML in text/plain e-mail messages. This can potentially lead to the execution of malicious scripts on the client-side...
CVE-2022-23101
OX App Suite through 7.10.6 allows XSS via appHandler in a deep link in an e-mail message...
CVE-2022-24405
OX App Suite through 7.10.6 allows OS Command Injection via a serialized Java class to the Documentconverter API...
Open-Xchange OX App Suite 操作系统命令注入漏洞
Open-Xchange OX App Suite is an email and productivity suite client software from Open-Xchange Germany. An operating system command injection vulnerability exists in Open-Xchange OX App Suite versions 7.10.6 and below, which stems from a remote code execution flaw in OX Documentconverter that cou...
Open-Xchange OX App Suite 安全特征问题漏洞
Open-Xchange OX App Suite is an email and productivity suite client software from Open-Xchange Germany. A security feature issue vulnerability exists in Open-Xchange OX App Suite versions prior to 7.10.6 that stems from a conflict that can change the parameters of an API request between OX App...