Vulnerabilities > Open Xchange > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-15 | CVE-2016-4048 | Content Spoofing vulnerability in Open-Xchange AppSuite An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. network open-xchange | 4.3 |
| 2016-12-15 | CVE-2016-4047 | Information Exposure vulnerability in Open-Xchange Appsuite An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev8. | 4.0 |
| 2016-12-15 | CVE-2016-4046 | Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. | 5.0 |
| 2016-12-15 | CVE-2016-4045 | Cross-site Scripting vulnerability in Open-Xchange Appsuite An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. | 4.3 |
| 2016-12-15 | CVE-2016-4026 | Cross-site Scripting vulnerability in Open-Xchange Appsuite An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. | 4.3 |
| 2016-12-15 | CVE-2016-3174 | Open Redirect vulnerability in Open-Xchange Appsuite An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. | 4.3 |
| 2016-12-15 | CVE-2016-2840 | Cross-site Scripting vulnerability in Open-Xchange Appsuite An issue was discovered in Open-Xchange Server 6 / OX AppSuite before 7.8.0-rev26. | 4.3 |
| 2016-12-15 | CVE-2015-8542 | Key Management Errors vulnerability in Open-Xchange OX Guard 2.0.0 An issue was discovered in Open-Xchange Guard before 2.2.0-rev8. | 4.0 |
| 2015-11-19 | CVE-2015-7385 | Cross-site Scripting vulnerability in Open-Xchange OX Guard 2.0.0 Cross-site scripting (XSS) vulnerability in Open-Xchange OX Guard before 2.0.0-rev11 allows remote attackers to inject arbitrary web script or HTML via the uid field in a PGP public key, which is not properly handled in "Guard PGP Settings." | 4.3 |
| 2015-09-28 | CVE-2015-5375 | Cross-site Scripting vulnerability in Open-Xchange Appsuite and Open-Xchange Server Cross-site scripting (XSS) vulnerability in unspecified dialogs for printing content in the Front End in Open-Xchange Server 6 and OX App Suite before 6.22.8-rev8, 6.22.9 before 6.22.9-rev15m, 7.x before 7.6.1-rev25, and 7.6.2 before 7.6.2-rev20 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to object properties. | 4.3 |