CVE-2017-8341
https://notcve.org/view.php?id=CVE-2017-8341
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing. Open-Xchange GmbH OX App Suite versión 7.8.3 y anteriores, se ven afectados por: Suplantación de Contenido. • http://open-xchange.com http://ox.com https://documentation.open-xchange.com/7.10.0/release-notes/release-notes.html • CWE-20: Improper Input Validation •
CVE-2017-8777
https://notcve.org/view.php?id=CVE-2017-8777
Open-Xchange GmbH OX Cloud Plugins 1.4.0 and earlier is affected by: Missing Authorization. Open-Xchange GmbH OX Cloud Plugins versión 1.4.0 y anteriores, se ven afectados por: Falta de Autorización. • http://open-xchange.com http://ox.com https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_4137_1.2.2_2017-05-12.pdf • CWE-285: Improper Authorization •
CVE-2017-9808
https://notcve.org/view.php?id=CVE-2017-9808
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS). OX Software GmbH OX App Suite versión 7.8.4 y anteriores, se ven afectados por: Cross Site Scripting (XSS). • http://ox.com https://documentation.open-xchange.com/7.8.3/release-notes/release-notes.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-9809
https://notcve.org/view.php?id=CVE-2017-9809
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Information Exposure. OX Software GmbH OX App Suite 7.8.4 y versión anterior, se ven afectados por: Exposición de Información. • http://ox.com https://documentation.open-xchange.com/7.8.3/release-notes/release-notes.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2017-12884
https://notcve.org/view.php?id=CVE-2017-12884
OX Software GmbH App Suite 7.8.4 and earlier is affected by: Information Exposure. OX Software GmbH App Suite 7.8.4 y anteriores se ve afectada por: Divulgación de información • http://app.com http://ox.com https://documentation.open-xchange.com/7.8.3/release-notes/release-notes.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •