Ox Guard Security Vulnerabilities and Issues — Ox Guard CVE List

Lucene search

Open-xchangeOx Guard

4 matches found

CVE•added 2016/12/15 6:59 a.m.•50 views

CVE-2016-6851

An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code can be provided as parameter to the OX Guard guest reader web application. This allows cross-site scripting attacks against arbitrary users since no prior authentication is needed. Malicious script code can be executed ...

6.1CVSS6.2AI score0.01374EPSS

CVE•added 2016/12/15 6:59 a.m.•40 views

CVE-2016-6853

An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code and references to external websites can be injected to the names of PGP public keys. When requesting that key later on using a specific URL, such script code might get executed. In case of injecting external websites, u...

6.1CVSS6.2AI score0.00869EPSS

CVE•added 2016/12/15 6:59 a.m.•38 views

CVE-2016-6854

An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code which got injected to a mail with inline PGP signature gets executed when verifying the signature. Malicious script code can be executed within a user's context. This can lead to session hijacking or triggering unwanted...

6.1CVSS6.2AI score0.00869EPSS

CVE•added 2020/06/15 3:15 p.m.•33 views

CVE-2020-9426

OX Guard 2.10.3 and earlier allows XSS.

6.1CVSS6.3AI score0.00509EPSS