Filtered by vendor Open-xchange
Subscribe
Total
252 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-26431 | 1 Open-xchange | 1 Open-xchange Appsuite Backend | 2024-11-21 | N/A | 5.0 MEDIUM |
IPv4-mapped IPv6 addresses did not get recognized as "local" by the code and a connection attempt is made. Attackers with access to user accounts could use this to bypass existing deny-list functionality and trigger requests to restricted network infrastructure to gain insight about topology and running services. We now respect possible IPV4-mapped IPv6 addresses when checking if contained in a deny-list. No publicly available exploits are known. | |||||
CVE-2023-26430 | 1 Open-xchange | 1 Open-xchange Appsuite Backend | 2024-11-21 | N/A | 3.5 LOW |
Attackers with access to user accounts can inject arbitrary control characters to SIEVE mail-filter rules. This could be abused to access SIEVE extension that are not allowed by App Suite or to inject rules which would break per-user filter processing, requiring manual cleanup of such rules. We have added sanitization to all mail-filter APIs to avoid forwardning control characters to subsystems. No publicly available exploits are known. | |||||
CVE-2023-26429 | 1 Open-xchange | 1 Open-xchange Appsuite Backend | 2024-11-21 | N/A | 3.5 LOW |
Control characters were not removed when exporting user feedback content. This allowed attackers to include unexpected content via user feedback and potentially break the exported data structure. We now drop all control characters that are not whitespace character during the export. No publicly available exploits are known. | |||||
CVE-2023-26428 | 1 Open-xchange | 1 Open-xchange Appsuite Backend | 2024-11-21 | N/A | 6.5 MEDIUM |
Attackers can successfully request arbitrary snippet IDs, including E-Mail signatures of other users within the same context. Signatures of other users could be read even though they are not explicitly shared. We improved permission handling when requesting snippets that are not explicitly shared with other users. No publicly available exploits are known. | |||||
CVE-2023-26427 | 1 Open-xchange | 1 Open-xchange Appsuite Backend | 2024-11-21 | N/A | 3.2 LOW |
Default permissions for a properties file were too permissive. Local system users could read potentially sensitive information. We updated the default permissions for noreply.properties set during package installation. No publicly available exploits are known. | |||||
CVE-2023-24605 | 1 Open-xchange | 1 Ox App Suite | 2024-11-21 | N/A | 4.2 MEDIUM |
OX App Suite before backend 7.10.6-rev37 does not enforce 2FA for all endpoints, e.g., reading from a drive, reading contact data, and renaming tokens. | |||||
CVE-2023-24604 | 1 Open-xchange | 1 Ox App Suite | 2024-11-21 | N/A | 4.3 MEDIUM |
OX App Suite before backend 7.10.6-rev37 does not check HTTP header lengths when downloading, e.g., potentially allowing a crafted iCal feed to provide an unlimited amount of header data. | |||||
CVE-2023-24603 | 1 Open-xchange | 1 Ox App Suite | 2024-11-21 | N/A | 6.5 MEDIUM |
OX App Suite before backend 7.10.6-rev37 does not check size limits when downloading, e.g., potentially allowing a crafted iCal feed to provide an unlimited amount of data. | |||||
CVE-2023-24602 | 1 Open-xchange | 1 Ox App Suite | 2024-11-21 | N/A | 6.1 MEDIUM |
OX App Suite before frontend 7.10.6-rev24 allows XSS via data to the Tumblr portal widget, such as a post title. | |||||
CVE-2023-24601 | 1 Open-xchange | 1 Ox App Suite | 2024-11-21 | N/A | 6.1 MEDIUM |
OX App Suite before frontend 7.10.6-rev24 allows XSS via a non-app deeplink such as the jslob API's registry sub-tree. | |||||
CVE-2023-24600 | 1 Open-xchange | 1 Ox App Suite | 2024-11-21 | N/A | 4.3 MEDIUM |
OX App Suite before backend 7.10.6-rev37 allows authenticated users to bypass access controls (for reading contacts) via a move to their own address book. | |||||
CVE-2023-24599 | 1 Open-xchange | 1 Ox App Suite | 2024-11-21 | N/A | 4.3 MEDIUM |
OX App Suite before backend 7.10.6-rev37 allows authenticated users to change the appointments of arbitrary users via conflicting ID numbers, aka "ID confusion." | |||||
CVE-2023-24598 | 1 Open-xchange | 1 Ox App Suite | 2024-11-21 | N/A | 4.3 MEDIUM |
OX App Suite before backend 7.10.6-rev37 has an information leak in the handling of distribution lists, e.g., partial disclosure of the private contacts of another user. | |||||
CVE-2023-24597 | 1 Open-xchange | 1 Ox App Suite | 2024-11-21 | N/A | 5.3 MEDIUM |
OX App Suite before frontend 7.10.6-rev24 allows the loading (without user consent) of an e-mail message's remote resources during printing. | |||||
CVE-2022-43699 | 1 Open-xchange | 1 Ox App Suite | 2024-11-21 | N/A | 4.3 MEDIUM |
OX App Suite before 7.10.6-rev30 allows SSRF because e-mail account discovery disregards the deny-list and thus can be attacked by an adversary who controls the DNS records of an external domain (found in the host part of an e-mail address). | |||||
CVE-2022-43698 | 1 Open-xchange | 1 Ox App Suite | 2024-11-21 | N/A | 4.3 MEDIUM |
OX App Suite before 7.10.6-rev30 allows SSRF because changing a POP3 account disregards the deny-list. | |||||
CVE-2022-43697 | 1 Open-xchange | 1 Ox App Suite | 2024-11-21 | N/A | 6.1 MEDIUM |
OX App Suite before 7.10.6-rev30 allows XSS via an activity tracking adapter defined by jslob. | |||||
CVE-2022-43696 | 1 Open-xchange | 1 Ox App Suite | 2024-11-21 | N/A | 6.1 MEDIUM |
OX App Suite before 7.10.6-rev20 allows XSS via upsell ads. | |||||
CVE-2022-37313 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | N/A | 5.3 MEDIUM |
OX App Suite through 7.10.6 allows SSRF because the anti-SSRF protection mechanism only checks the first DNS AA or AAAA record. | |||||
CVE-2022-37312 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | N/A | 5.3 MEDIUM |
OX App Suite through 7.10.6 has Uncontrolled Resource Consumption via a large request body containing a redirect URL to the deferrer servlet. |