4 matches found
CVE-2020-12646
OX App Suite 7.10.3 and earlier allows XSS via text/x-javascript, text/rdf, or a PDF document...
CVE-2020-12646
OX App Suite 7.10.3 and earlier allows XSS via text/x-javascript, text/rdf, or a PDF document...
CVE-2020-12646
OX App Suite 7.10.3 and earlier is affected by an XSS vulnerability in OX Documents (backend) triggered via content types text/x-javascript, text/rdf, or a PDF. The root cause is incomplete input filtering related to legacy media types, as described in the public advisory. Impact is cross-site sc...
OX App Suite / OX Documents XSS / SSRF / Bypass
Dear subscribers, we're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those vulnerabilities. Feel free to join our bug bounty programs for OX App Suite, Dovecot and PowerDNS at HackerOne. Yours sincerely, Martin Heiland, Open-Xchange GmbH...