Open-xchange Server Security Vulnerabilities and Issues — Open-xchange Server CVE List

Lucene search

Open-xchangeOpen-xchange Server

3 matches found

CVE•added 2013/09/05 11:44 a.m.•44 views

CVE-2013-2582

CRLF injection vulnerability in the redirect servlet in Open-Xchange AppSuite and Server before 6.22.0 rev15, 6.22.1 before rev17, 7.0.1 before rev6, and 7.0.2 before rev7 allows remote attackers to inject arbitrary HTTP headers and conduct open redirect attacks by leveraging improper sanitization ...

5CVSS7.2AI score0.00245EPSS

CVE•added 2013/09/05 11:44 a.m.•42 views

CVE-2013-1651

OXUpdater in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof update servers and install arbitrary software via a crafted certificate.

5.8CVSS6.4AI score0.0033EPSS

CVE•added 2013/09/05 11:44 a.m.•41 views

CVE-2013-1647

Multiple CRLF injection vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted parameter, as demonstrated by (1) the location parameter...

5CVSS7.1AI score0.00758EPSS