Product:

Ox_app_suite

(Open\-Xchange)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 45
Date Id Summary Products Score Patch Annotated
2022-03-28 CVE-2021-44211 OX App Suite through 7.10.5 allows XSS via the class attribute of an element in an HTML e-mail signature. Ox_app_suite 5.4
2021-11-22 CVE-2021-33488 chat in OX App Suite 7.10.5 has Improper Input Validation. A user can be redirected to a rogue OX Chat server via a development-related hook. Ox_app_suite 6.1
2021-11-22 CVE-2021-33491 OX App Suite through 7.10.5 allows Directory Traversal via ../ in an OOXML or ODF ZIP archive, because of the mishandling of relative paths in mail addresses in conjunction with auto-configuration DNS records. Ox_app_suite 6.5
2021-11-22 CVE-2021-33492 OX App Suite 7.10.5 allows XSS via an OX Chat room name. Ox_app_suite 6.1
2021-11-22 CVE-2021-33493 The middleware component in OX App Suite through 7.10.5 allows Code Injection via Java classes in a YAML format. Ox_app_suite 6.0
2021-11-22 CVE-2021-33494 OX App Suite 7.10.5 allows XSS via an OX Chat room title during typing rendering. Ox_app_suite 6.1
2021-11-22 CVE-2021-33495 OX App Suite 7.10.5 allows XSS via an OX Chat system message. Ox_app_suite 6.1
2021-11-22 CVE-2021-38375 OX App Suite through 7.10.5 allows XSS via the alt attribute of an IMG element in a truncated e-mail message. Ox_app_suite 6.1
2021-11-22 CVE-2021-33489 OX App Suite through 7.10.5 allows XSS via JavaScript code in a shared XCF file. Ox_app_suite 6.1
2021-11-22 CVE-2021-33490 OX App Suite through 7.10.5 allows XSS via a crafted snippet in a shared mail signature. Ox_app_suite 6.1