2 matches found
CVE-2022-37310
OX App Suite through 7.10.6 allows XSS via a malicious capability to the metrics or help module, as demonstrated by a /!!&app=io.ox/files&cap= URI...
CVE-2022-37310
OX App Suite 7.10.6 and earlier is affected by a Cross‑Site Scripting (XSS) vulnerability introduced via a malicious capability to the metrics or help module, exploitable through a URI like /#!!&app=io.ox/files&cap=. Impact cited includes execution of script in the victim’s context and potential ...