3 matches found
CVE-2024-23191
Upsell advertisement information of an account can be manipulated to execute script code in the context of the users browser session. To exploit this an attacker would require temporary access to a users account or an successful social engineering attack to lure users to maliciously configured...
CVE-2024-23191
Upsell advertisement information of an account can be manipulated to execute script code in the context of the users browser session. To exploit this an attacker would require temporary access to a users account or an successful social engineering attack to lure users to maliciously configured...
CVE-2024-23191
Open-Xchange App Suite (Ox App Suite) is affected. The vulnerability stems from controllable upsell content that can be manipulated to execute script code in a user’s browser session. Exploitation requires temporary access to a user’s account or a successful social engineering lure to a malicious...