2 matches found
CVE-2013-5690
CVE-2013-5690 affects Open-Xchange AppSuite prior to 7.2.2. The issue is cross-site scripting vulnerabilities allowing remote authenticated users to inject script/HTML through (1) content with the text/xml MIME type and (2) the Status comment field of an appointment. Root cause relates to inadequ...
Open-Xchange Security Advisory 2013-09-30
Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 28642 Bug ID Vulnerability type: CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page Vulnerable version: prior to 7.2.2 Vulnerable component: backend Fixed version: 7.0.2-rev16, 7.2.2-rev20 Report...