Open-xchange Appsuite Security Vulnerabilities and Issues — Open-xchange Appsuite CVE List

Lucene search

Open-xchangeOpen-xchange Appsuite

4 matches found

CVE•added 2020/08/31 3:15 p.m.•34 views

CVE-2020-12645

OX App Suite 7.10.1 to 7.10.3 has improper input validation for rate limits with a crafted User-Agent header, spoofed vacation notices, and /apps/load memory consumption.

9.8CVSS9.2AI score0.0034EPSS

CVE•added 2020/08/31 3:15 p.m.•33 views

CVE-2020-12646

OX App Suite 7.10.3 and earlier allows XSS via text/x-javascript, text/rdf, or a PDF document.

5.4CVSS5.2AI score0.00343EPSS

CVE•added 2020/08/31 3:15 p.m.•30 views

CVE-2020-12643

OX App Suite 7.10.3 and earlier has Incorrect Access Control via an /api/subscriptions request for a snippet containing an email address.

4.3CVSS4.8AI score0.00149EPSS

CVE•added 2020/08/31 3:15 p.m.•30 views

CVE-2020-12644

OX App Suite 7.10.3 and earlier allows SSRF, related to the mail account API and the /folder/list API.

5CVSS5.1AI score0.00149EPSS