Open-xchange Appsuite Backend Security Vulnerabilities and Issues — Open-xchange Appsuite Backend CVE List

Lucene search

Open-xchangeOpen-xchange Appsuite Backend

3 matches found

CVE•added 2023/06/20 8:15 a.m.•32 views

CVE-2023-26429

Control characters were not removed when exporting user feedback content. This allowed attackers to include unexpected content via user feedback and potentially break the exported data structure. We now drop all control characters that are not whitespace character during the export. No publicly ava...

5.3CVSS5.3AI score0.00135EPSS

CVE•added 2023/06/20 8:15 a.m.•30 views

CVE-2023-26431

IPv4-mapped IPv6 addresses did not get recognized as "local" by the code and a connection attempt is made. Attackers with access to user accounts could use this to bypass existing deny-list functionality and trigger requests to restricted network infrastructure to gain insight about topology and ru...

5CVSS4.9AI score0.00188EPSS

CVE•added 2023/06/20 8:15 a.m.•29 views

CVE-2023-26435

It was possible to call filesystem and network references using the local LibreOffice instance using manipulated ODT documents. Attackers could discover restricted network topology and services as well as including local files with read permissions of the open-xchange system user. This was limited ...

5CVSS4.9AI score0.00132EPSS