Page 12 of 151 results (0.015 seconds)

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1

CVE-2019-14226 – Open-Xchange OX App Suite SSRF / XSS / Information Disclosure / Access Controls

https://notcve.org/view.php?id=CVE-2019-14226

OX App Suite through 7.10.2 has Insecure Permissions. OX App Suite hasta la versión 7.10.2 tiene permisos inseguros. Various Open-Xchange OX App Suite versions suffer from server-side request forgery, cross site scripting, information disclosure, and improper access control vulnerabilities. • http://packetstormsecurity.com/files/154826/Open-Xchange-OX-App-Suite-SSRF-XSS-Information-Disclosure-Access-Controls.html https://seclists.org/fulldisclosure/2019/Oct/25 • CWE-281: Improper Preservation of Permissions •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1

CVE-2019-14225 – Open-Xchange OX App Suite SSRF / XSS / Information Disclosure / Access Controls

https://notcve.org/view.php?id=CVE-2019-14225

OX App Suite 7.10.1 and 7.10.2 allows SSRF. OX App Suite versión 7.10.1 y versión 7.10.2 permite Server Side Request Forgery (SSRF). Various Open-Xchange OX App Suite versions suffer from server-side request forgery, cross site scripting, information disclosure, and improper access control vulnerabilities. • http://packetstormsecurity.com/files/154826/Open-Xchange-OX-App-Suite-SSRF-XSS-Information-Disclosure-Access-Controls.html https://seclists.org/fulldisclosure/2019/Oct/25 • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 2

CVE-2019-14227 – Open-Xchange OX App Suite SSRF / XSS / Information Disclosure / Access Controls

https://notcve.org/view.php?id=CVE-2019-14227

OX App Suite 7.10.1 and 7.10.2 allows XSS. OX App Suite versión 7.10.1 y versión 7.10.2 permite Cross-Site Scripting (XSS). Various Open-Xchange OX App Suite versions suffer from server-side request forgery, cross site scripting, information disclosure, and improper access control vulnerabilities. • http://packetstormsecurity.com/files/154826/Open-Xchange-OX-App-Suite-SSRF-XSS-Information-Disclosure-Access-Controls.html http://seclists.org/fulldisclosure/2019/Oct/25 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 1

CVE-2019-11806 – Open-Xchange OX App Suite Content Spoofing / Cross Site Scripting

https://notcve.org/view.php?id=CVE-2019-11806

OX App Suite 7.10.1 and earlier has Insecure Permissions. OX App Suite 7.10.1 y versiones anteriores tienen permisos inseguros. Open-Xchange OX App Suite suffers from a content spoofing, cross site scripting, and information disclosure vulnerabilities. Versions affected vary depending on the vulnerability. • http://packetstormsecurity.com/files/154128/Open-Xchange-OX-App-Suite-Content-Spoofing-Cross-Site-Scripting.html • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

CVE-2019-11522 – Open-Xchange OX App Suite Content Spoofing / Cross Site Scripting

https://notcve.org/view.php?id=CVE-2019-11522

OX App Suite 7.10.0 to 7.10.2 allows XSS. OX App Suite 7.10.0 a 7.10.2 permite XSS. Open-Xchange OX App Suite suffers from a content spoofing, cross site scripting, and information disclosure vulnerabilities. Versions affected vary depending on the vulnerability. • http://packetstormsecurity.com/files/154128/Open-Xchange-OX-App-Suite-Content-Spoofing-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •