Open-Xchange OX Dovecot Pro 安全漏洞

Open-Xchange OX Dovecot Pro is a mail storage and delivery system provided by the German company Open-Xchange. Open-Xchange OX Dovecot Pro has a security vulnerability; this vulnerability stems from direct comparison in credential verification and makes it vulnerable to timing attack attacks, whi...

CVE-2022-37306

OX App Suite before 7.10.6-rev30 allows XSS via an upsell trigger...

Open-Xchange OX App Suite 跨站脚本漏洞

Open-Xchange OX App Suite is an email and productivity suite client software from Open-Xchange Germany. A security vulnerability exists in versions prior to Open-Xchange OX App Suite 7.10.6-rev30 that stems from allowing XSS via an upsell trigger...

CVE-2022-29853

OX App Suite through 8.2 allows XSS via a certain complex hierarchy that forces use of Show Entire Message for a huge HTML e-mail message...

Malicious code in open-xchange-appsuite-spamexperts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2add34a6f5c10c787a6f1174f706cbb3513b8b883ad444090d2cd7874909eab9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

PT-2021-22088 · Open Xchange · Ox App Suite

Name of the Vulnerable Software and Affected Versions: OX App Suite versions 7.10.5 and earlier Description: The issue allows for cross-site scripting XSS attacks via a crafted snippet that contains an app loader reference within an app loader URL. This enables potential attackers to execute...

Open-xchange OX App Suite 输入验证错误漏洞

Open-xchange OX App Suite is a set of Web-based cloud desktop environments from Open-Xchange Open-xchange USA. The environment allows users to manage email, tasks, files, etc. more intuitively. A security vulnerability exists in Open-xchange OX App Suite 7.10.5 that originates from incorrect chat...

Open-xchange OX App Suite 代码问题漏洞

Open-xchange OX App Suite is a set of Web-based cloud desktop environments from Open-Xchange Open-xchange USA. The environment allows users to manage email, tasks, files, etc. more intuitively. A code issue vulnerability exists in OX App Suite version 7.10.4 and prior versions that stems from a...

CVE-2017-15029

Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF...

Open-Xchange OX App Suite Code Issue Vulnerability

The pen-Xchange OX App Suite is a set of Web-based cloud desktop environments from Open-Xchange USA. The environment allows users to manage email, tasks, files, etc. more intuitively. Open-Xchange GmbH OX App Suite 7.8.4 and earlier versions are affected by: SSRF.There is currently no detailed...

CVE-2018-9998

Open-Xchange OX App Suite before 7.6.3-rev37, 7.8.x before 7.8.2-rev40, 7.8.3 before 7.8.3-rev48, and 7.8.4 before 7.8.4-rev28 include folder names in API error responses, which allows remote attackers to obtain sensitive information via the folder parameter in an "all" action to api/tasks...

CVE-2016-5740

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev5. JavaScript code can be used as part of ical attachments within scheduling E-Mails. This content, for example an appointment's location, will be presented to the user at the E-Mail App, depending on the invitation workflow. Th...

Open-Xchange AppSuite Cross-Site Request Forgery Vulnerability (CNVD-2016-04410)

Open-Xchange AppSuite OX AppSuite is a suite of Web-based cloud desktop environments from Open-Xchange, Inc. in the United States. The environment allows users to manage email, tasks, files, etc. more intuitively. A cross-site request forgery vulnerability exists in OX AppSuite 7.8.1 and earlier...

Open-Xchange AppSuite Page Forgery Vulnerability

Open-Xchange AppSuite OX AppSuite is a suite of Web-based cloud desktop environments from Open-Xchange, Inc. in the United States. The environment allows users to manage email, tasks, files, etc. more intuitively. A page forgery vulnerability exists in OX AppSuite versions 7.8.0 through 7.8.1. An...

Open Exchange default account

mailadmin/secret LDAP account is created during installation with /bin/bash login shell...