Open-xchange Appsuite@7.10.4 Security Vulnerabilities and Issues — Open-xchange Appsuite@7.10.4 CVE List

Lucene search

Open-xchangeOpen-xchange Appsuite7.10.4

4 matches found

CVE•added 2021/07/22 5:15 p.m.•44 views

CVE-2021-37402

OX App Suite before 7.10.3-rev32 and 7.10.4 before 7.10.4-rev18 allows XSS via binary data that is mishandled when the legacy dataretrieval endpoint has been enabled.

6.1CVSS6AI score0.00978EPSS

CVE•added 2021/07/22 5:15 p.m.•41 views

CVE-2021-26699

OX App Suite before 7.10.3-rev4 and 7.10.4 before 7.10.4-rev4 allows SSRF via a shared SVG document that is mishandled by the imageconverter component when the .png extension is used.

5.8CVSS5.4AI score0.00473EPSS

CVE•added 2021/07/22 5:15 p.m.•39 views

CVE-2021-26698

OX App Suite before 7.10.3-rev32 and 7.10.4 before 7.10.4-rev18 allows XSS via a code snippet (user-generated content) when a sharing link is created and the dl parameter is used.

6.1CVSS6AI score0.01456EPSS

CVE•added 2021/07/22 5:15 p.m.•29 views

CVE-2021-37403

OX App Suite before 7.10.3-rev32 and 7.10.4 before 7.10.4-rev18 allows XSS via a code snippet (user-generated content) when a sharing link is created and an App Loader relative URL is used.

6.1CVSS6AI score0.01094EPSS