5 matches found
CVE-2021-33490
OX App Suite through 7.10.5 allows XSS via a crafted snippet in a shared mail signature...
CVE-2021-33490
OX App Suite through 7.10.5 allows XSS via a crafted snippet in a shared mail signature...
CVE-2021-33490
OX App Suite through 7.10.5 allows XSS via a crafted snippet in a shared mail signature...
CVE-2021-33490
OX App Suite (7.10.x) is affected by CVE-2021-33490: cross-site scripting via crafted snippets in shared mail signatures. Root cause involves sanitization bypass for certain image formats, allowing injected HTML/JS to run in a user’s context. Exploitation described as requiring the user to follow...
OX App Suite / Ox Documents 7.10.x XSS / Code Injection / Traversal
Product: OX App Suite, OX Documents Vendor: OX Software GmbH Internal reference: MWB-993 Vulnerability type: Cross-Site Scripting CWE-80 Vulnerable version: 7.10.5 and earlier Vulnerable component: backend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 7.10.3-rev35,...