Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2013-09-05	CVE-2013-1645	Path Traversal vulnerability in Open-Xchange Server 6.20.7/6.22.0/6.22.1 Directory traversal vulnerability in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allows remote authenticated users to read arbitrary files via a .. network low complexity open-xchange CWE-22	4.0
2006-01-05	CVE-2006-0091	Cross-Site Scripting vulnerability in Open-Xchange Cross-site scripting (XSS) vulnerability in webmail in Open-Xchange 0.8.1-6 and earlier, with "Inline HTML" enabled, allows remote attackers to inject arbitrary web script or HTML via e-mail attachments, which are rendered inline. network open-xchange	4.3