Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:0 a.m.6 views

CVE-2023-29048

A component for parsing OXMF templates could be abused to execute arbitrary system commands that would be executed as the non-privileged runtime user. Users and attackers could run system commands with limited privilege to gain unauthorized access to confidential information and potentially viola...

8.8CVSS7.9AI score0.0133EPSS
Exploits0References1
NVD
NVD
added 2024/01/08 9:15 a.m.25 views

CVE-2023-29051

User-defined OXMF templates could be used to access a limited part of the internal OX App Suite Java API. The existing switch to disable the feature by default was not effective in this case. Unauthorized users could discover and modify application state, including objects related to other users...

8.1CVSS8AI score0.00546EPSS
Exploits0References3
NVD
NVD
added 2024/01/08 9:15 a.m.26 views

CVE-2023-29048

A component for parsing OXMF templates could be abused to execute arbitrary system commands that would be executed as the non-privileged runtime user. Users and attackers could run system commands with limited privilege to gain unauthorized access to confidential information and potentially viola...

8.8CVSS9.2AI score0.0133EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/01/08 9:4 a.m.31 views

CVE-2023-29051

User-defined OXMF templates could be used to access a limited part of the internal OX App Suite Java API. The existing switch to disable the feature by default was not effective in this case. Unauthorized users could discover and modify application state, including objects related to other users...

8.1CVSS8.2AI score0.00546EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/01/08 9:4 a.m.2 views

CVE-2023-29051

User-defined OXMF templates could be used to access a limited part of the internal OX App Suite Java API. The existing switch to disable the feature by default was not effective in this case. Unauthorized users could discover and modify application state, including objects related to other users...

8.1CVSS8AI score0.00546EPSS
Exploits0References2
CVE
CVE
added 2024/01/08 9:4 a.m.81 views

CVE-2023-29051

CVE-2023-29051 affects Open-Xchange App Suite. User-defined OXMF templates could access a limited part of the internal Java API, with an ineffective default switch to disable template usage. This could allow unauthorized users to discover and modify application state, including objects tied to ot...

8.1CVSS7.9AI score0.00546EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2024/01/08 8:51 a.m.38 views

CVE-2023-29048

Open-Xchange App Suite (backend) is affected by CVE-2023-29048, impacting the Open-Xchange App Suite v7.10.x line (example reference cites 7.10.6-rev50). The root cause is a flaw in the OXMF template parser that could be abused to execute arbitrary system commands as the non-privileged runtime us...

8.8CVSS9.1AI score0.0133EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder