2 matches found
CVE-2013-7142
Open-Xchange AppSuite (v7.4.1 and earlier) is affected by CVE-2013-7142, an XSS in the backend/frontend introduced via oAuth API calls that can allow an attacker to inject script within the user’s context. The vendor fixed this with patches in 7.2.2-rev29, 7.4.0-rev24, and 7.4.1-rev11; apply the ...
Open-Xchange Security Advisory 2014-01-17
Product: Open-Xchange AppSuite Vendor: Open-Xchange GmbH Internal reference: 30357 Bug ID Vulnerability type: CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page Vulnerable version: 7.4.1 and earlier Vulnerable component: backend Fixed version: 7.2.2-rev29, 7.4.0-rev24,...