Vulnerabilities > Open Xchange > OX Guard > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-02 | CVE-2023-26456 | Cross-site Scripting vulnerability in Open-Xchange OX Guard Users were able to set an arbitrary "product name" for OX Guard. | 5.4 |
2020-06-15 | CVE-2020-9427 | Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange OX Guard 2.10.3 OX Guard 2.10.3 and earlier allows SSRF. | 4.0 |
2020-06-15 | CVE-2020-9426 | Cross-site Scripting vulnerability in Open-Xchange OX Guard 2.10.3 OX Guard 2.10.3 and earlier allows XSS. | 4.3 |
2019-07-03 | CVE-2018-10986 | Cross-Site Request Forgery (CSRF) vulnerability in Open-Xchange OX Guard 2.8.0 OX Guard 2.8.0 has CSRF. | 6.8 |
2016-12-15 | CVE-2016-6854 | Cross-site Scripting vulnerability in Open-Xchange OX Guard An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. | 4.3 |
2016-12-15 | CVE-2016-6853 | Cross-site Scripting vulnerability in Open-Xchange OX Guard An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. | 4.3 |
2016-12-15 | CVE-2016-6851 | Cross-site Scripting vulnerability in Open-Xchange OX Guard An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. | 4.3 |
2016-12-15 | CVE-2015-8542 | Key Management Errors vulnerability in Open-Xchange OX Guard 2.0.0 An issue was discovered in Open-Xchange Guard before 2.2.0-rev8. | 4.0 |
2015-11-19 | CVE-2015-7385 | Cross-site Scripting vulnerability in Open-Xchange OX Guard 2.0.0 Cross-site scripting (XSS) vulnerability in Open-Xchange OX Guard before 2.0.0-rev11 allows remote attackers to inject arbitrary web script or HTML via the uid field in a PGP public key, which is not properly handled in "Guard PGP Settings." | 4.3 |