CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44210 – OX App Suite 7.10.5 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2021-44210
OX App Suite through 7.10.5 allows XSS via NIFF (Notation Interchange File Format) data. OX App Suite versiones hasta 7.10.5, permite un ataque de tipo XSS por medio de datos NIFF (Notation Interchange File Format) OX App Suite versions 7.10.5 and below suffer from multiple cross site scripting vulnerabilities. • http://packetstormsecurity.com/files/166389/OX-App-Suite-7.10.5-Cross-Site-Scripting.html https://open-xchange.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-44212 – OX App Suite 7.10.5 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2021-44212
OX App Suite through 7.10.5 allows XSS via a trailing control character such as the SCRIPT\t substring. OX App Suite versiones hasta 7.10.5, permite un ataque de tipo XSS por medio de un carácter de control al final del mensaje, como la subcadena SCRIPT\t OX App Suite versions 7.10.5 and below suffer from multiple cross site scripting vulnerabilities. • http://packetstormsecurity.com/files/166389/OX-App-Suite-7.10.5-Cross-Site-Scripting.html https://open-xchange.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-44213 – OX App Suite 7.10.5 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2021-44213
OX App Suite through 7.10.5 allows XSS via uuencoding in a multipart/alternative message. OX App Suite versiones hasta 7.10.5, permite un ataque de tipo XSS por medio de uuencoding en un mensaje multipart/alternative OX App Suite versions 7.10.5 and below suffer from multiple cross site scripting vulnerabilities. • https://open-xchange.com https://packetstormsecurity.com/files/166389/OX-App-Suite-7.10.5-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2021-44211 – OX App Suite 7.10.5 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2021-44211
OX App Suite through 7.10.5 allows XSS via the class attribute of an element in an HTML e-mail signature. OX App Suite versiones hasta 7.10.5, permite un ataque de tipo XSS por medio del atributo class de un elemento en una firma de correo electrónico HTML OX App Suite versions 7.10.5 and below suffer from multiple cross site scripting vulnerabilities. • http://packetstormsecurity.com/files/166389/OX-App-Suite-7.10.5-Cross-Site-Scripting.html https://open-xchange.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 2CVE-2021-38378 – OX App Suite 7.10.5 Cross Site Scripting / Information Disclosure
https://notcve.org/view.php?id=CVE-2021-38378
OX App Suite 7.10.5 allows Information Exposure because a caching mechanism can caused a Modified By response to show a person's name. OX App Suite versión 7.10.5, permite una Exposición de Información porque un mecanismo de caché puede causar que una respuesta Modified By muestre el nombre de una persona OX App Suite versions 7.10.5 and below suffer from cross site scripting and information disclosure vulnerabilities. • http://packetstormsecurity.com/files/165038/OX-App-Suite-7.10.5-Cross-Site-Scripting-Information-Disclosure.html https://seclists.org/fulldisclosure/2021/Nov/43 https://www.open-xchange.com •