3 matches found
CVE-2023-26430
Attackers with access to user accounts can inject arbitrary control characters to SIEVE mail-filter rules. This could be abused to access SIEVE extension that are not allowed by App Suite or to inject rules which would break per-user filter processing, requiring manual cleanup of such rules. We...
CVE-2023-26430
creationtimestamp| type| source ---|---|--- 2023-08-02 16:39:16+00:00| seen| Telegram/OmS9SZHCtZYnYG6df4UIYUHUyANYEIeyOmdMRuqPnnEsQ...
CVE-2023-26430
CVE-2023-26430 affects Open-Xchange AppSuite. Attackers with user access can inject arbitrary control characters into SIEVE mail-filter rules, potentially enabling access to disallowed SIEVE extensions or corrupting per-user filter processing. The underlying issue is character injection into mail...