Lucene search
K

5 matches found

CVE
CVE
added 2016/12/15 6:31 a.m.51 views

CVE-2016-6854

CVE-2016-6854 affects Open-Xchange OX Guard prior to 2.4.2-rev5. An injection flaw allows a script to run when verifying an inline PGP signature in a mail, enabling malicious code to execute in a user’s context and potentially hijack sessions or trigger actions via the web interface. Fixed in 2.4...

6.1CVSS6.2AI score0.02441EPSS
Exploits5References4Affected Software1
Packet Storm
Packet Storm
added 2016/09/13 12:0 a.m.44 views

Open-Xchange Guard 2.4.2 Cross Site Scripting

Product: OX Guard Vendor: OX Software GmbH Internal reference: 47878 Bug ID Vulnerability type: Cross Site Scripting CWE-80 Vulnerable version: 2.4.2 and earlier Vulnerable component: guard Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 2.4.0-rev11, 2.4.2-rev5...

6.3AI score0.02643EPSS
Exploits7
0day.today
0day.today
added 2016/09/13 12:0 a.m.48 views

Open-Xchange Guard 2.4.2 - Multiple Cross Site Scripting

Exploit for linux platform in category web applications Product: OX Guard Vendor: OX Software GmbH Internal reference: 47878 Bug ID Vulnerability type: Cross Site Scripting CWE-80 Vulnerable version: 2.4.2 and earlier Vulnerable component: guard Report confidence: Confirmed Solution status: Fixed...

4.3CVSS6.3AI score0.02643EPSS
Exploits7
exploitpack
exploitpack
added 2016/09/13 12:0 a.m.58 views

Open-Xchange Guard 2.4.2 - Multiple Cross-Site Scripting Vulnerabilities

Open-Xchange Guard 2.4.2 - Multiple Cross-Site Scripting Vulnerabilities Product: OX Guard Vendor: OX Software GmbH Internal reference: 47878 Bug ID Vulnerability type: Cross Site Scripting CWE-80 Vulnerable version: 2.4.2 and earlier Vulnerable component: guard Report confidence: Confirmed...

4.3CVSS6.3AI score0.02643EPSS
Exploits7
Exploit DB
Exploit DB
added 2016/09/13 12:0 a.m.36 views

Open-Xchange Guard 2.4.2 - Multiple Cross-Site Scripting Vulnerabilities

Product: OX Guard Vendor: OX Software GmbH Internal reference: 47878 Bug ID Vulnerability type: Cross Site Scripting CWE-80 Vulnerable version: 2.4.2 and earlier Vulnerable component: guard Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 2.4.0-rev11, 2.4.2-rev5...

6.1CVSS6.5AI score0.02643EPSS
Exploits7
Rows per page
Query Builder