Lucene search
RootSSV:61848HistoryMar 19, 2014 - 12:00 a.m.
Open-Xchange Server Email Subject脚本注入漏洞
2014-03-1900:00:00
Root
www.seebug.org
14
0.001 Low
EPSS
Percentile
49.9%
CVE ID:CVE-2014-2077
Open-Xchange Server是部分开源的项目,主要开发协同软件,例如电子邮件、日历等。
通过email主题传递的输入在使用前没有正确过滤,攻击者可以利用漏洞当恶意数据被访问时,在受影响站点上下文的用户浏览器会话中执行任意HTML和脚本代码。
0
Open-Xchange Server 7.x
Open-Xchange Server 7.4.1-rev10 or 7.4.2-rev8版本以修复此漏洞,建议用户下载使用:
Related
cvelist
cvelist
CVE-2014-2077
2014-03-20 16:00:00
prion
prion
Cross site scripting
2014-03-20 16:55:00
cve
cve
CVE-2014-2077
2014-03-20 16:55:16
openvas
openvas
Open-Xchange (OX) App Suite Email Subject Cross Site Scripting Vulnerability
2015-10-13 00:00:00
nvd
nvd
CVE-2014-2077
2014-03-20 16:55:16
securityvulns
securityvulns
Open-Xchange Security Advisory 2014-03-17
2014-03-24 00:00:00
OpenXchange crossite scripting
2014-03-24 00:00:00