Total
45 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-33489 | 1 Open-xchange | 1 Ox App Suite | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
OX App Suite through 7.10.5 allows XSS via JavaScript code in a shared XCF file. | |||||
CVE-2021-33495 | 1 Open-xchange | 1 Ox App Suite | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
OX App Suite 7.10.5 allows XSS via an OX Chat system message. | |||||
CVE-2021-38376 | 1 Open-xchange | 1 Ox App Suite | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
OX App Suite through 7.10.5 has Incorrect Access Control for retrieval of session information via the rampup action of the login API call. | |||||
CVE-2021-33488 | 1 Open-xchange | 1 Ox App Suite | 2023-12-10 | 5.8 MEDIUM | 6.1 MEDIUM |
chat in OX App Suite 7.10.5 has Improper Input Validation. A user can be redirected to a rogue OX Chat server via a development-related hook. | |||||
CVE-2021-38375 | 1 Open-xchange | 1 Ox App Suite | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
OX App Suite through 7.10.5 allows XSS via the alt attribute of an IMG element in a truncated e-mail message. |