CVE-2023-26446
CVE-2023-26446 concerns Open-Xchange AppSuite, where the user-controlled clientID value used in the I/O flow for application passwords was not sanitized/escaped before being inserted into the DOM, enabling potential cross-site scripting that could compromise the victim’s session or trigger action...