5 matches found
EUVD-2017-14940
Malware in sbrugna...
CVE-2023-24604
OX App Suite before backend 7.10.6-rev37 does not check HTTP header lengths when downloading, e.g., potentially allowing a crafted iCal feed to provide an unlimited amount of header data...
PT-2023-19704 · Open Xchange · Ox App Suite
Name of the Vulnerable Software and Affected Versions: OX App Suite versions prior to 7.10.6-rev24 Description: The issue allows for XSS via data to the Tumblr portal widget, such as a post title. Recommendations: For versions prior to 7.10.6-rev24, update to version 7.10.6-rev24 or later to...
CVE-2020-24700
OX App Suite through 7.10.3 allows SSRF because GET requests are sent to arbitrary domain names with an initial autoconfig. substring...
Server side request forgery (ssrf)
OX App Suite 7.10.1 and 7.10.2 allows SSRF...