VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Open Xchange
>
Open Xchange Appsuite
> 7.10.1
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2020-08-31
CVE-2020-12644
Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite
OX App Suite 7.10.3 and earlier allows SSRF, related to the mail account API and the /folder/list API.
network
low complexity
open-xchange
CWE-918
4.0
4.0
2020-08-31
CVE-2020-12643
Incorrect Authorization vulnerability in Open-Xchange Appsuite
OX App Suite 7.10.3 and earlier has Incorrect Access Control via an /api/subscriptions request for a snippet containing an email address.
network
low complexity
open-xchange
CWE-863
4.0
4.0
2020-06-16
CVE-2020-8544
Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite 7.8.4
OX App Suite through 7.10.3 allows SSRF.
network
low complexity
open-xchange
CWE-918
4.0
4.0
2020-06-16
CVE-2020-8543
Resource Exhaustion vulnerability in Open-Xchange Appsuite 7.10.1/7.8.4
OX App Suite through 7.10.3 has Improper Input Validation.
network
low complexity
open-xchange
CWE-400
5.0
5.0
2020-06-16
CVE-2020-8542
Cross-site Scripting vulnerability in Open-Xchange Appsuite 7.10.1/7.10.2/7.10.3
OX App Suite through 7.10.3 allows XSS.
network
open-xchange
CWE-79
3.5
3.5
2020-06-16
CVE-2020-8541
XXE vulnerability in Open-Xchange Appsuite 7.10.1/7.10.2/7.10.3
OX App Suite through 7.10.3 allows XXE attacks.
network
low complexity
open-xchange
CWE-611
4.0
4.0
2020-02-21
CVE-2019-18846
Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite
OX App Suite through 7.10.2 allows SSRF.
network
low complexity
open-xchange
CWE-918
4.0
4.0
2020-01-06
CVE-2019-16717
Cross-site Scripting vulnerability in Open-Xchange Appsuite
OX App Suite through 7.10.2 has XSS.
network
open-xchange
CWE-79
4.3
4.3
2020-01-06
CVE-2019-16716
Incorrect Default Permissions vulnerability in Open-Xchange Appsuite
OX App Suite through 7.10.2 has Incorrect Access Control.
network
open-xchange
CWE-276
8.5
8.5
2019-10-14
CVE-2019-14227
Cross-site Scripting vulnerability in Open-Xchange Appsuite 7.10.1/7.10.2
OX App Suite 7.10.1 and 7.10.2 allows XSS.
network
open-xchange
CWE-79
4.3
4.3
«
Previous
1
2
3
4
(current)
5
»
Next