Vulnerabilities > Open Xchange > OX Guard

DATE CVE VULNERABILITY TITLE RISK
2023-11-02 CVE-2023-26456 Cross-site Scripting vulnerability in Open-Xchange OX Guard
Users were able to set an arbitrary "product name" for OX Guard.
network
low complexity
open-xchange CWE-79
5.4
5.4
2020-06-15 CVE-2020-9427 Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange OX Guard 2.10.3
OX Guard 2.10.3 and earlier allows SSRF.
network
low complexity
open-xchange CWE-918
4.0
4.0
2020-06-15 CVE-2020-9426 Cross-site Scripting vulnerability in Open-Xchange OX Guard 2.10.3
OX Guard 2.10.3 and earlier allows XSS. 		4.3
4.3
2019-07-03 CVE-2018-10986 Cross-Site Request Forgery (CSRF) vulnerability in Open-Xchange OX Guard 2.8.0
OX Guard 2.8.0 has CSRF. 		6.8
6.8
2016-12-15 CVE-2016-6854 Cross-site Scripting vulnerability in Open-Xchange OX Guard
An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. 		4.3
4.3
2016-12-15 CVE-2016-6853 Cross-site Scripting vulnerability in Open-Xchange OX Guard
An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. 		4.3
4.3
2016-12-15 CVE-2016-6851 Cross-site Scripting vulnerability in Open-Xchange OX Guard
An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. 		4.3
4.3
2016-12-15 CVE-2016-4028 Credentials Management vulnerability in Open-Xchange OX Guard
An issue was discovered in Open-Xchange OX Guard before 2.4.0-rev8. 		3.5
3.5
2016-12-15 CVE-2015-8542 Key Management Errors vulnerability in Open-Xchange OX Guard 2.0.0
An issue was discovered in Open-Xchange Guard before 2.2.0-rev8.
network
low complexity
open-xchange CWE-320
4.0
4.0
2015-11-19 CVE-2015-7385 Cross-site Scripting vulnerability in Open-Xchange OX Guard 2.0.0
Cross-site scripting (XSS) vulnerability in Open-Xchange OX Guard before 2.0.0-rev11 allows remote attackers to inject arbitrary web script or HTML via the uid field in a PGP public key, which is not properly handled in "Guard PGP Settings." 		4.3
4.3