Lucene search
K

7 matches found

Prion
Prion
added 2016/12/15 6:59 a.m.16 views

Design/Logic Flaw

An issue was discovered in Open-Xchange Server 6 / OX AppSuite before 7.8.0-rev26. The "session" parameter for file-download requests can be used to inject script code that gets reflected through the subsequent status page. Malicious script code can be executed within a trusted domain's context...

4.3CVSS7AI score0.01641EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2016/12/15 6:31 a.m.32 views

CVE-2016-2840

An issue was discovered in Open-Xchange Server 6 / OX AppSuite before 7.8.0-rev26. The "session" parameter for file-download requests can be used to inject script code that gets reflected through the subsequent status page. Malicious script code can be executed within a trusted domain's context...

6.2AI score0.01641EPSS
Exploits0References3
NVD
NVD
added 2015/09/28 4:59 p.m.19 views

CVE-2015-5375

Cross-site scripting XSS vulnerability in unspecified dialogs for printing content in the Front End in Open-Xchange Server 6 and OX App Suite before 6.22.8-rev8, 6.22.9 before 6.22.9-rev15m, 7.x before 7.6.1-rev25, and 7.6.2 before 7.6.2-rev20 allows remote attackers to inject arbitrary web scrip...

4.3CVSS5.7AI score0.0195EPSS
Exploits0References4
securityvulns
securityvulns
added 2015/02/16 12:0 a.m.61 views

Open-Xchange Security Advisory 2015-02-12

Product: Open-Xchange Server 6 / OX AppSuite Vendor: Open-Xchange GmbH Internal reference: 35889 Bug ID Vulnerability type: Information Exposure CWE-200 Vulnerable version: 7.6.1 and earlier Vulnerable component: backend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version:...

4CVSS2.4AI score0.02131EPSS
Exploits0
Exploit DB
Exploit DB
added 2013/03/15 12:0 a.m.54 views

Open-Xchange Server 6 - Multiple Vulnerabilities

Multiple security issues for Open-Xchange Server have been discovered and fixed. The vendor has chosen responsible full disclosure to publish security issue details. Users of the software have already been provided with patched versions. Proof regarding authenticity can be obtained from the...

4.3CVSS6.4AI score0.02939EPSS
Exploits6
exploitpack
exploitpack
added 2013/03/15 12:0 a.m.106 views

Open-Xchange Server 6 - Multiple Vulnerabilities

Open-Xchange Server 6 - Multiple Vulnerabilities Multiple security issues for Open-Xchange Server have been discovered and fixed. The vendor has chosen responsible full disclosure to publish security issue details. Users of the software have already been provided with patched versions. Proof...

5.8CVSS0.4AI score0.02939EPSS
Exploits10
Packet Storm
Packet Storm
added 2013/03/14 12:0 a.m.70 views

Open-Xchange 6 XSS / LFI / SSRF / Hashing

Multiple security issues for Open-Xchange Server have been discovered and fixed. The vendor has chosen responsible full disclosure to publish security issue details. Users of the software have already been provided with patched versions. Proof regarding authenticity can be obtained from the...

5.8CVSS0.1AI score0.02939EPSS
Exploits10
Rows per page
Query Builder