Vulnerabilities (CVE)

Filtered by vendor Open-xchange Subscribe
Total 252 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-5238 1 Open-xchange 1 Open-xchange Appsuite 2024-02-28 6.8 MEDIUM 7.8 HIGH
XML external entity (XXE) vulnerability in Open-Xchange (OX) AppSuite before 7.4.2-rev11 and 7.6.x before 7.6.0-rev9 allows remote attackers to read arbitrary files and possibly other unspecified impact via a crafted OpenDocument Text document.
CVE-2019-14225 1 Open-xchange 1 Open-xchange Appsuite 2024-02-28 5.5 MEDIUM 5.4 MEDIUM
OX App Suite 7.10.1 and 7.10.2 allows SSRF.
CVE-2013-7486 1 Open-xchange 1 Open-xchange Appsuite 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX) AppSuite 7.2.x before 7.2.2-rev27 and 7.4.x before 7.4.0-rev20 allows remote attackers to inject arbitrary web script or HTML via the body of an email. NOTE: this vulnerability was SPLIT from CVE-2013-6242 because it affects different sets of versions.
CVE-2017-15030 1 Open-xchange 1 Open-xchange Appsuite 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).
CVE-2017-8341 1 Open-xchange 1 Open-xchange Appsuite 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing.
CVE-2017-5212 1 Open-xchange 1 Open-xchange Appsuite 2024-02-28 7.5 HIGH 9.8 CRITICAL
Open-Xchange GmbH OX App Suite 7.8.3 is affected by: Incorrect Access Control.
CVE-2019-11522 1 Open-xchange 1 Open-xchange Appsuite 2024-02-28 3.5 LOW 5.4 MEDIUM
OX App Suite 7.10.0 to 7.10.2 allows XSS.
CVE-2017-5864 1 Open-xchange 1 Open-xchange Appsuite 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS).
CVE-2019-11806 1 Open-xchange 1 Open-xchange Appsuite 2024-02-28 2.1 LOW 3.3 LOW
OX App Suite 7.10.1 and earlier has Insecure Permissions.
CVE-2018-13104 1 Open-xchange 1 Open-xchange Appsuite 2024-02-28 3.5 LOW 5.4 MEDIUM
OX App Suite 7.8.4 and earlier allows XSS. Internal reference: 58742 (Bug ID)
CVE-2017-15029 1 Open-xchange 1 Open-xchange Appsuite 2024-02-28 4.0 MEDIUM 4.3 MEDIUM
Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF.
CVE-2017-5210 1 Open-xchange 1 Open-xchange Appsuite 2024-02-28 5.0 MEDIUM 9.8 CRITICAL
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Information Exposure.
CVE-2017-9808 1 Open-xchange 1 Open-xchange Appsuite 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).
CVE-2017-12885 1 Open-xchange 1 Open-xchange Appsuite 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
OX Software GmbH App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).
CVE-2017-8340 1 Open-xchange 1 Open-xchange Appsuite 2024-02-28 6.5 MEDIUM 8.8 HIGH
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.
CVE-2017-17061 1 Open-xchange 1 Open-xchange Appsuite 2024-02-28 3.5 LOW 5.4 MEDIUM
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).
CVE-2017-9809 1 Open-xchange 1 Open-xchange Appsuite 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Information Exposure.
CVE-2017-13668 1 Open-xchange 1 Open-xchange Appsuite 2024-02-28 3.5 LOW 5.4 MEDIUM
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).
CVE-2019-7158 1 Open-xchange 1 Open-xchange Appsuite 2024-02-28 7.5 HIGH 9.8 CRITICAL
OX App Suite 7.10.0 and earlier has Incorrect Access Control.
CVE-2017-5863 1 Open-xchange 1 Open-xchange Appsuite 2024-02-28 7.5 HIGH 9.8 CRITICAL
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control.