6 matches found
CVE-2023-26450
The "OX Count" web service did not specify a media-type when processing responses by external resources. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker...
CVE-2023-26450
The "OX Count" web service did not specify a media-type when processing responses by external resources. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker...
CVE-2023-26450
The "OX Count" web service did not specify a media-type when processing responses by external resources. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker...
CVE-2023-26450
The "OX Count" web service did not specify a media-type when processing responses by external resources. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker...
CVE-2023-26450
Open-Xchange CVE-2023-26450 affects the OX Count web service in Open-Xchange AppSuite. The root cause is that the OX Count service did not specify a media-type when processing responses from external resources, enabling malicious script code to execute in the victim’s context and potentially lead...
PT-2023-20643 · Unknown · Ox Count Web Service
Name of the Vulnerable Software and Affected Versions: OX Count web service affected versions not specified Description: The issue arises from the OX Count web service not specifying a media-type when processing responses from external resources. This allows malicious script code to be executed...