Vulnerabilities > Open Xchange > Open Xchange Appsuite Office > High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-08-02	CVE-2023-26439	SQL Injection vulnerability in Open-Xchange Appsuite Office 7.8.3 The cacheservice API could be abused to inject parameters with SQL syntax which was insufficiently sanitized before getting executed as SQL statement. local low complexity open-xchange CWE-89	7.8
2023-08-02	CVE-2023-26440	SQL Injection vulnerability in Open-Xchange Appsuite Office 7.8.3 The cacheservice API could be abused to indirectly inject parameters with SQL syntax which was insufficiently sanitized and would later be executed when creating new cache groups. local low complexity open-xchange CWE-89	7.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.