4 matches found
CVE-2021-38377
OX App Suite through 7.10.5 allows XSS via JavaScript code in an anchor HTML comment within truncated e-mail, because there is a predictable UUID with HTML transformation results...
CVE-2021-38377
OX App Suite (Open-Xchange) before version 7.10.5 is affected by a cross-site scripting vulnerability in the frontend component. The issue stems from JavaScript code injected via an anchor HTML comment within truncated emails, enabled by a predictable UUID produced during HTML transformation, all...
CVE-2021-38377
OX App Suite through 7.10.5 allows XSS via JavaScript code in an anchor HTML comment within truncated e-mail, because there is a predictable UUID with HTML transformation results...
OX App Suite 7.10.5 Cross Site Scripting / Information Disclosure
Product: OX App Suite Vendor: OX Software GmbH Internal reference: OXUIB-872 Vulnerability type: Cross-Site Scripting CWE-80 Vulnerable version: 7.10.5 and earlier Vulnerable component: frontend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 7.10.3-rev30, 7.10.4-rev2...