2 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in the backend in Open-Xchange OX AppSuite 7.2.x before 7.2.2-rev27 and 7.4.x before 7.4.0-rev20 allows remote attackers to inject arbitrary web script or HTML via the body of an email. NOTE: this vulnerability was SPLIT from CVE-2013-6242 because it affects...
CVE-2013-6242
CVE-2013-6242 describes a cross-site scripting (XSS) flaw in the frontend of Open-Xchange (OX) AppSuite. It affects Open-Xchange AppSuite 6.22.3 before 6.22.3-rev5 and 6.22.4 before 6.22.4-rev12, where an attacker can inject arbitrary script/HTML via the subject of an email sent to the frontend. ...