Vulnerabilities > Open Xchange > Open Xchange Appsuite > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-15 | CVE-2016-4027 | Information Exposure vulnerability in Open-Xchange Appsuite An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev10. | 3.5 |
| 2016-12-15 | CVE-2016-6848 | 7PK - Security Features vulnerability in Open-Xchange Appsuite An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. | 1.9 |
| 2013-10-03 | CVE-2013-5690 | Cross-Site Scripting vulnerability in Open-Xchange Appsuite Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite before 7.2.2 allow remote authenticated users to inject arbitrary web script or HTML via (1) content with the text/xml MIME type or (2) the Status comment field of an appointment. | 3.5 |
| 2013-09-05 | CVE-2013-4790 | Credentials Management vulnerability in Open-Xchange Appsuite Open-Xchange AppSuite before 7.0.2 rev14, 7.2.0 before rev11, 7.2.1 before rev10, and 7.2.2 before rev9 relies on user-supplied data to predict the IMAP server hostname for an external domain name, which allows remote authenticated users to discover e-mail credentials of other users in opportunistic circumstances via a manual-mode association of a personal e-mail address with the hostname of a crafted IMAP server. | 3.5 |
| 2013-09-05 | CVE-2013-5698 | Cross-Site Scripting vulnerability in Open-Xchange Appsuite and Open-Xchange Server Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite and Server before 6.22.0 rev16, 6.22.1 before rev19, 7.0.1 before rev7, 7.0.2 before rev11, and 7.2.0 before rev8 allows remote authenticated users to inject arbitrary web script or HTML via a delivery=view action, aka Bug ID 26373, a different vulnerability than CVE-2013-3106. | 3.5 |