Vulnerabilities > Open Xchange > Open Xchange Appsuite

DATE CVE VULNERABILITY TITLE RISK
2020-01-06 CVE-2019-16716 Incorrect Default Permissions vulnerability in Open-Xchange Appsuite
OX App Suite through 7.10.2 has Incorrect Access Control.
network
high complexity
open-xchange CWE-276
6.6
6.6
2020-01-02 CVE-2013-7486 Cross-site Scripting vulnerability in Open-Xchange Appsuite 7.2.2/7.4.0
Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX) AppSuite 7.2.x before 7.2.2-rev27 and 7.4.x before 7.4.0-rev20 allows remote attackers to inject arbitrary web script or HTML via the body of an email.
network
low complexity
open-xchange CWE-79
6.1
6.1
2020-01-02 CVE-2013-7485 Cross-site Scripting vulnerability in Open-Xchange Appsuite 7.2.2/7.4.0
Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX) AppSuite 7.2.x before 7.2.2-rev26 and 7.4.x before 7.4.0-rev16 allows remote attackers to inject arbitrary web script or HTML via the publication name, which is not properly handled in an error message.
network
low complexity
open-xchange CWE-79
6.1
6.1
2020-01-02 CVE-2013-6242 Cross-site Scripting vulnerability in Open-Xchange Appsuite
Cross-site scripting (XSS) vulnerability in the frontend in Open-Xchange (OX) AppSuite 6.22.3 before 6.22.3-rev5 and 6.22.4 before 6.22.4-rev12 allows remote attackers to inject arbitrary web script or HTML via the subject of an email.
network
low complexity
open-xchange CWE-79
6.1
6.1
2019-10-14 CVE-2019-14227 Cross-site Scripting vulnerability in Open-Xchange Appsuite 7.10.1/7.10.2
OX App Suite 7.10.1 and 7.10.2 allows XSS.
network
low complexity
open-xchange CWE-79
6.1
6.1
2019-10-14 CVE-2019-14226 Improper Preservation of Permissions vulnerability in Open-Xchange Appsuite
OX App Suite through 7.10.2 has Insecure Permissions.
network
low complexity
open-xchange CWE-281
8.1
8.1
2019-10-14 CVE-2019-14225 Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite 7.10.1/7.10.2
OX App Suite 7.10.1 and 7.10.2 allows SSRF.
network
low complexity
open-xchange CWE-918
5.4
5.4
2019-08-20 CVE-2019-11806 Incorrect Permission Assignment for Critical Resource vulnerability in Open-Xchange Appsuite
OX App Suite 7.10.1 and earlier has Insecure Permissions.
local
low complexity
open-xchange CWE-732
3.3
3.3
2019-08-20 CVE-2019-11522 Cross-site Scripting vulnerability in Open-Xchange Appsuite 7.10.0/7.10.1
OX App Suite 7.10.0 to 7.10.2 allows XSS.
network
low complexity
open-xchange CWE-79
5.4
5.4
2019-08-20 CVE-2019-11521 Improper Privilege Management vulnerability in Open-Xchange Appsuite 7.10.1
OX App Suite 7.10.1 allows Content Spoofing.
network
low complexity
open-xchange CWE-269
8.1
8.1