Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Open-xchange Subscribe
Filtered by product Ox App Suite
Total 45 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-33489 1 Open-xchange 1 Ox App Suite 2023-12-10 4.3 MEDIUM 6.1 MEDIUM
OX App Suite through 7.10.5 allows XSS via JavaScript code in a shared XCF file.
CVE-2021-33495 1 Open-xchange 1 Ox App Suite 2023-12-10 4.3 MEDIUM 6.1 MEDIUM
OX App Suite 7.10.5 allows XSS via an OX Chat system message.
CVE-2021-38376 1 Open-xchange 1 Ox App Suite 2023-12-10 5.0 MEDIUM 5.3 MEDIUM
OX App Suite through 7.10.5 has Incorrect Access Control for retrieval of session information via the rampup action of the login API call.
CVE-2021-33488 1 Open-xchange 1 Ox App Suite 2023-12-10 5.8 MEDIUM 6.1 MEDIUM
chat in OX App Suite 7.10.5 has Improper Input Validation. A user can be redirected to a rogue OX Chat server via a development-related hook.
CVE-2021-38375 1 Open-xchange 1 Ox App Suite 2023-12-10 4.3 MEDIUM 6.1 MEDIUM
OX App Suite through 7.10.5 allows XSS via the alt attribute of an IMG element in a truncated e-mail message.