CVSS: 7.5EPSS: 0%CPEs: 125EXPL: 0CVE-2020-8543 – OX App Suite / OX Documents 7.10.3 XSS / SSRF / Improper Validation
https://notcve.org/view.php?id=CVE-2020-8543
OX App Suite through 7.10.3 has Improper Input Validation. OX App Suite versiones hasta 7.10.3, presenta una Comprobación de Entrada Inapropiada OX App Suite and OX Documents versions 7.10.3 and below suffer from server-side request forgery, cross site scripting, improper parameter validation, and XML injection vulnerabilities. • https://packetstormsecurity.com/files/158070/OX-App-Suite-OX-Documents-7.10.3-XSS-SSRF-Improper-Validation.html https://www.open-xchange.com • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 16EXPL: 0CVE-2020-8541 – OX App Suite / OX Documents 7.10.3 XSS / SSRF / Improper Validation
https://notcve.org/view.php?id=CVE-2020-8541
OX App Suite through 7.10.3 allows XXE attacks. OX App Suite versiones hasta 7.10.3, permite ataques de tipo XXE OX App Suite and OX Documents versions 7.10.3 and below suffer from server-side request forgery, cross site scripting, improper parameter validation, and XML injection vulnerabilities. • https://packetstormsecurity.com/files/158070/OX-App-Suite-OX-Documents-7.10.3-XSS-SSRF-Improper-Validation.html https://www.open-xchange.com • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 5.4EPSS: 0%CPEs: 54EXPL: 0CVE-2020-8542 – OX App Suite / OX Documents XSS / SSRF / Bypass
https://notcve.org/view.php?id=CVE-2020-8542
OX App Suite through 7.10.3 allows XSS. OX App Suite versiones hasta 7.10.3, permite un ataque de tipo XSS OX App Suite and OX Documents versions 7.10.3 and below suffer from server-side request forgery, cross site scripting, improper parameter validation, and XML injection vulnerabilities. • http://packetstormsecurity.com/files/158932/OX-App-Suite-OX-Documents-XSS-SSRF-Bypass.html http://seclists.org/fulldisclosure/2020/Aug/14 https://packetstormsecurity.com/files/158070/OX-App-Suite-OX-Documents-7.10.3-XSS-SSRF-Improper-Validation.html https://www.open-xchange.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 125EXPL: 0CVE-2020-8544 – OX App Suite / OX Documents 7.10.3 XSS / SSRF / Improper Validation
https://notcve.org/view.php?id=CVE-2020-8544
OX App Suite through 7.10.3 allows SSRF. OX App Suite versiones hasta 7.10.3, permite un ataque de tipo SSRF OX App Suite and OX Documents versions 7.10.3 and below suffer from server-side request forgery, cross site scripting, improper parameter validation, and XML injection vulnerabilities. • https://packetstormsecurity.com/files/158070/OX-App-Suite-OX-Documents-7.10.3-XSS-SSRF-Improper-Validation.html https://www.open-xchange.com • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 2CVE-2019-18846 – OX App Suite / OX Documents 7.10.3 XSS / SSRF / Improper Validation
https://notcve.org/view.php?id=CVE-2019-18846
OX App Suite through 7.10.2 allows SSRF. OX App Suite versiones hasta 7.10.2, permite un ataque de tipo SSRF. OX App Suite and OX Documents versions 7.10.3 and below suffer from server-side request forgery, cross site scripting, improper parameter validation, and XML injection vulnerabilities. • http://packetstormsecurity.com/files/156474/Open-Xchange-App-Suite-Documents-Server-Side-Request-Forgery.html http://packetstormsecurity.com/files/158070/OX-App-Suite-OX-Documents-7.10.3-XSS-SSRF-Improper-Validation.html • CWE-918: Server-Side Request Forgery (SSRF) •