CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-10986
https://notcve.org/view.php?id=CVE-2018-10986
OX Guard 2.8.0 has CSRF. OX Guard en la versión 2.8.0 tiene Cross-Site Request Forgery (CSRF). • http://software.open-xchange.com/products/guard/doc/OX_Guard_Release_Notes_for_Release_2.10.0_2018-07-04.pdf • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13667
https://notcve.org/view.php?id=CVE-2017-13667
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF. OX Software GmbH OX App Suite 7.8.4 y anteriores, se ven afectados por: SSRF. • http://ox.com https://documentation.open-xchange.com/7.8.3/release-notes/release-notes.html • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13668
https://notcve.org/view.php?id=CVE-2017-13668
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS). OX Software GmbH OX App Suite versión 7.8.4 y anteriores, se ven afectados por: Cross Site Scripting (XSS). • http://ox.com https://documentation.open-xchange.com/7.8.3/release-notes/release-notes.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15029
https://notcve.org/view.php?id=CVE-2017-15029
Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF. Open-Xchange GmbH OX App Suite versión 7.8.4 y anteriores, se ven afectadas por: SSRF. • http://open-xchange.com http://ox.com https://documentation.open-xchange.com/7.8.3/release-notes/release-notes.html • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15030
https://notcve.org/view.php?id=CVE-2017-15030
Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS). Open-Xchange GmbH OX App Suite versión 7.8.4 y anteriores, se ven afectados por: Cross Site Scripting (XSS). • http://open-xchange.com http://ox.com https://documentation.open-xchange.com/7.8.3/release-notes/release-notes.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •