Open-xchange Gmbh Security Vulnerabilities

CVE-2023-29045

Documents operations, in this case "drawing", could be manipulated to contain invalid data types, possibly script code. Script code could be injected to an operation that would be executed for users that are actively collaborating on the same document. Operation data exchanged between...

CVE-2023-29046

Connections to external data sources, like e-mail autoconfiguration, were not terminated in case they hit a timeout, instead those connections were logged. Some connections use user-controlled endpoints, which could be malicious and attempt to keep the connection open for an extended period of...

CVE-2023-26451

Functions with insufficient randomness were used to generate authorization tokens of the integrated oAuth Authorization Service. Authorization codes were predictable for third parties and could be used to intercept and take over the client authorization process. As a result, other users accounts...

CVE-2017-13667

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by:...

CVE-2017-13668

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting...

CVE-2017-15030

Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting...

CVE-2017-5213

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting...

CVE-2017-5211

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content...

CVE-2017-15029

Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by:...

CVE-2017-17060

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Insecure...

CVE-2017-17061

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting...

CVE-2017-5210

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Information...

CVE-2017-5212

Open-Xchange GmbH OX App Suite 7.8.3 is affected by: Incorrect Access...

CVE-2017-5863

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access...

CVE-2017-8340

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access...

CVE-2017-9808

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting...

CVE-2017-6912

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access...

CVE-2017-8341

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content...

CVE-2017-8777

Open-Xchange GmbH OX Cloud Plugins 1.4.0 and earlier is affected by: Missing...

CVE-2017-5864

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting...

CVE-2017-9809

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Information...

CVE-2017-12884

OX Software GmbH App Suite 7.8.4 and earlier is affected by: Information...

CVE-2017-12885

OX Software GmbH App Suite 7.8.4 and earlier is affected by: Cross Site Scripting...