2 matches found
CVE-2014-5236
CVE-2014-5236 affects Open-Xchange AppSuite, where the documentconverter component is vulnerable to absolute path traversal via crafted OLE Objects or images in OpenDocument text files. The impact is reading sensitive server files. Vendors provided fixes in versions: 7.4.2-rev10 and 7.6.0-rev10. ...
Open-Xchange 7.6.0 XSS / SSRF / Traversal Vulnerabilities
Open-Xchange versions 7.6.0 and below suffer from absolute path traversal, server-side request forgery, XXE injection, and cross site scripting vulnerabilities. Product: OX App Suite Vendor: Open-Xchange GmbH Vulnerability type: Cross Site Scripting CWE-80 Vulnerable version: 7.6.0 and earlier...