Vulnerabilities (CVE)

Vendor filter

Open-xchange Subscribe

Product filter

Open-xchange Appsuite Subscribe

Filter

91 total CVE
CVE Vendors Products Updated CVSS
CVE-2017-9809 1 Open-xchange 1 Open-xchange Appsuite 2019-05-23 5.0
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Information Exposure.
CVE-2017-5864 1 Open-xchange 1 Open-xchange Appsuite 2019-05-23 4.3
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS).
CVE-2017-5863 1 Open-xchange 1 Open-xchange Appsuite 2019-05-23 7.5
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.
CVE-2017-6912 1 Open-xchange 1 Open-xchange Appsuite 2019-05-23 6.5
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.
CVE-2017-8340 1 Open-xchange 1 Open-xchange Appsuite 2019-05-23 6.5
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.
CVE-2017-8341 1 Open-xchange 1 Open-xchange Appsuite 2019-05-23 5.0
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing.
CVE-2017-9808 1 Open-xchange 1 Open-xchange Appsuite 2019-05-23 4.3
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).
CVE-2017-12884 1 Open-xchange 1 Open-xchange Appsuite 2019-05-10 5.0
OX Software GmbH App Suite 7.8.4 and earlier is affected by: Information Exposure.
CVE-2017-12885 1 Open-xchange 1 Open-xchange Appsuite 2019-05-10 4.3
OX Software GmbH App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).
CVE-2014-2078 1 Open-xchange 1 Open-xchange Appsuite 2019-04-26 5.0
The backend in Open-Xchange (OX) AppSuite 7.4.2 before 7.4.2-rev9 allows remote attackers to obtain sensitive information about user email addresses in opportunistic circumstances by leveraging a failure in e-mail auto configuration for external accounts.
CVE-2018-12611 1 Open-xchange 1 Open-xchange Appsuite 2019-01-31 4.3
OX App Suite 7.8.4 and earlier allows Directory Traversal.
CVE-2018-12610 1 Open-xchange 1 Open-xchange Appsuite 2019-01-31 5.0
OX App Suite 7.8.4 and earlier allows Information Exposure.
CVE-2018-12609 1 Open-xchange 1 Open-xchange Appsuite 2019-01-31 4.0
OX App Suite 7.8.4 and earlier allows Server-Side Request Forgery.
CVE-2014-5237 1 Open-xchange 2 Open-xchange Appsuite, App Suite 2018-12-18 4.3
Server-side request forgery (SSRF) vulnerability in the documentconverter component in Open-Xchange (OX) AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allows remote attackers to trigger requests to arbitrary servers and embed arbitrary...
CVE-2017-6913 1 Open-xchange 1 Open-xchange Appsuite 2018-11-08 4.3
Cross-site scripting (XSS) vulnerability in the Open-Xchange webmail before 7.6.3-rev28 allows remote attackers to inject arbitrary web script or HTML via the event attribute in a time tag.
CVE-2016-5740 1 Open-xchange 1 Open-xchange Appsuite 2018-10-19 4.3
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev5. JavaScript code can be used as part of ical attachments within scheduling E-Mails. This content, for example an appointment's location, will be presented to the user at the...
CVE-2016-5124 1 Open-xchange 1 Open-xchange Appsuite 2018-10-19 4.3
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev14. Adding images from external sources to HTML editors by drag&drop can potentially lead to script code execution in the context of the active user. To exploit this, a user...
CVE-2016-4048 1 Open-xchange 1 Open-xchange Appsuite 2018-10-19 4.3
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. Custom messages can be shown at the login screen to notify external users about issues with sharing links. This mechanism can be abused to inject arbitrary text messages....
CVE-2016-4047 1 Open-xchange 1 Open-xchange Appsuite 2018-10-19 4.0
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev8. References to external Open XML document type definitions (.dtd resources) can be placed within .docx and .xslx files. Those resources were requested when parsing certain...
CVE-2016-4046 1 Open-xchange 1 Open-xchange Appsuite 2018-10-19 5.0
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The API to configure external mail accounts can be abused to map and access network components within the trust boundary of the operator. Users can inject arbitrary hosts...