CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-23101
https://notcve.org/view.php?id=CVE-2022-23101
OX App Suite through 7.10.6 allows XSS via appHandler in a deep link in an e-mail message. OX App Suite versiones hasta 7.10.6, permite XSS por medio de appHandler en un enlace profundo en un mensaje de correo electrónico • https://open-xchange.com https://seclists.org/fulldisclosure/2022/Jul/11 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-24406
https://notcve.org/view.php?id=CVE-2022-24406
OX App Suite through 7.10.6 allows SSRF because multipart/form-data boundaries are predictable, and this can lead to injection into internal Documentconverter API calls. OX App Suite versiones hasta 7.10.6, permite un ataque de tipo SSRF porque los límites de multipart/form-data son predecibles, y esto puede conllevar a una inyección en las llamadas internas de la API de Documentconverter • https://open-xchange.com https://seclists.org/fulldisclosure/2022/Jul/11 • CWE-330: Use of Insufficiently Random Values •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-44208 – OX App Suite 7.10.5 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2021-44208
OX App Suite through 7.10.5 allows XSS via an unknown system message in Chat. OX App Suite versiones hasta 7.10.5, permite un ataque de tipo XSS por medio de un mensaje de sistema desconocido en el chat OX App Suite versions 7.10.5 and below suffer from multiple cross site scripting vulnerabilities. • http://packetstormsecurity.com/files/166389/OX-App-Suite-7.10.5-Cross-Site-Scripting.html https://open-xchange.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-44209 – OX App Suite 7.10.5 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2021-44209
OX App Suite through 7.10.5 allows XSS via an HTML 5 element such as AUDIO. OX App Suite versiones hasta 7.10.5, permite un ataque de tipo XSS por medio de un elemento HTML 5 como AUDIO OX App Suite versions 7.10.5 and below suffer from multiple cross site scripting vulnerabilities. • http://packetstormsecurity.com/files/166389/OX-App-Suite-7.10.5-Cross-Site-Scripting.html https://open-xchange.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44210 – OX App Suite 7.10.5 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2021-44210
OX App Suite through 7.10.5 allows XSS via NIFF (Notation Interchange File Format) data. OX App Suite versiones hasta 7.10.5, permite un ataque de tipo XSS por medio de datos NIFF (Notation Interchange File Format) OX App Suite versions 7.10.5 and below suffer from multiple cross site scripting vulnerabilities. • http://packetstormsecurity.com/files/166389/OX-App-Suite-7.10.5-Cross-Site-Scripting.html https://open-xchange.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •