Vulnerabilities > Open Xchange > OX Guard > 2.10.3

DATE CVE VULNERABILITY TITLE RISK
2023-11-02 CVE-2023-26456 Cross-site Scripting vulnerability in Open-Xchange OX Guard
Users were able to set an arbitrary "product name" for OX Guard.
network
low complexity
open-xchange CWE-79
5.4
5.4
2021-04-30 CVE-2020-28944 Resource Exhaustion vulnerability in Open-Xchange OX Guard
OX Guard 2.10.4 and earlier allows a Denial of Service via a WKS server that responds slowly or with a large amount of data.
network
low complexity
open-xchange CWE-400
7.5
7.5
2020-06-15 CVE-2020-9427 Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange OX Guard 2.10.3
OX Guard 2.10.3 and earlier allows SSRF.
network
low complexity
open-xchange CWE-918
5.0
5.0
2020-06-15 CVE-2020-9426 Cross-site Scripting vulnerability in Open-Xchange OX Guard 2.10.3
OX Guard 2.10.3 and earlier allows XSS.
network
low complexity
open-xchange CWE-79
6.1
6.1