CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11521 – Open-Xchange OX App Suite Content Spoofing / Cross Site Scripting
https://notcve.org/view.php?id=CVE-2019-11521
16 Aug 2019 — OX App Suite 7.10.1 allows Content Spoofing. OX App Suite 7.10.1 permite la suplantación de contenido. Open-Xchange OX Guard versions 7.10.2 and below suffer from a cross site scripting vulnerability. Open-Xchange OX Guard versions 7.10.1 and below, 2.10.2 and below suffer from a signature validation vulnerability. • http://packetstormsecurity.com/files/154128/Open-Xchange-OX-App-Suite-Content-Spoofing-Cross-Site-Scripting.html • CWE-269: Improper Privilege Management •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13667
https://notcve.org/view.php?id=CVE-2017-13667
23 May 2019 — OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF. OX Software GmbH OX App Suite 7.8.4 y anteriores, se ven afectados por: SSRF. • http://ox.com • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13668
https://notcve.org/view.php?id=CVE-2017-13668
23 May 2019 — OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS). OX Software GmbH OX App Suite versión 7.8.4 y anteriores, se ven afectados por: Cross Site Scripting (XSS). • http://ox.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15029
https://notcve.org/view.php?id=CVE-2017-15029
23 May 2019 — Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF. Open-Xchange GmbH OX App Suite versión 7.8.4 y anteriores, se ven afectadas por: SSRF. • http://open-xchange.com • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15030
https://notcve.org/view.php?id=CVE-2017-15030
23 May 2019 — Open-Xchange GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS). Open-Xchange GmbH OX App Suite versión 7.8.4 y anteriores, se ven afectados por: Cross Site Scripting (XSS). • http://open-xchange.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-17060
https://notcve.org/view.php?id=CVE-2017-17060
23 May 2019 — OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Insecure Permissions. OX Software GmbH OX App Suite versión 7.8.4 y anteriores, se ven afectadas por: Permisos Inseguros. • http://ox.com • CWE-275: Permission Issues •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2017-17061
https://notcve.org/view.php?id=CVE-2017-17061
23 May 2019 — OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS). OX Software GmbH OX App Suite versión 7.8.4 y anteriores, se ven afectados por: Cross Site Scripting (XSS). • http://ox.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5210
https://notcve.org/view.php?id=CVE-2017-5210
23 May 2019 — Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Information Exposure. Open-Xchange GmbH OX App Suite versión 7.8.3 y anteriores, se ven afectados por: Exposición de la Información. • http://open-xchange.com • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5211
https://notcve.org/view.php?id=CVE-2017-5211
23 May 2019 — Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing. Open-Xchange GmbH OX App Suite versión 7.8.3 y anteriores, se ven afectados por: Suplantación de Contenido. • http://open-xchange.com • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5212
https://notcve.org/view.php?id=CVE-2017-5212
23 May 2019 — Open-Xchange GmbH OX App Suite 7.8.3 is affected by: Incorrect Access Control. Open-Xchange GmbH OX App Suite 7.8.3 esta afectada por: Control de Acceso Incorrecto. • http://open-xchange.com • CWE-284: Improper Access Control •