CVSS: 8.5EPSS: 1%CPEs: 1EXPL: 2CVE-2019-16716 – OX App Suite 7.10.2 Cross Site Scripting / Improper Access Control
https://notcve.org/view.php?id=CVE-2019-16716
OX App Suite through 7.10.2 has Incorrect Access Control. OX App Suite versiones hasta la versión 7.10.2, presenta un Control de Acceso Incorrecto. Open-Xchange App Suite versions 7.10.2 and below suffer from cross site scripting and improper access control vulnerabilities. • http://packetstormsecurity.com/files/155813/OX-App-Suite-7.10.2-Cross-Site-Scripting-Improper-Access-Control.html http://seclists.org/fulldisclosure/2020/Jan/7 • CWE-276: Incorrect Default Permissions •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2019-16717 – OX App Suite 7.10.2 Cross Site Scripting / Improper Access Control
https://notcve.org/view.php?id=CVE-2019-16717
OX App Suite through 7.10.2 has XSS. OX App Suite versiones hasta la versión 7.10.2, tiene una vulnerabilidad de tipo XSS. Open-Xchange App Suite versions 7.10.2 and below suffer from cross site scripting and improper access control vulnerabilities. • http://packetstormsecurity.com/files/155813/OX-App-Suite-7.10.2-Cross-Site-Scripting-Improper-Access-Control.html http://seclists.org/fulldisclosure/2020/Jan/7 https://www.open-xchange.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2019-14226 – Open-Xchange OX App Suite SSRF / XSS / Information Disclosure / Access Controls
https://notcve.org/view.php?id=CVE-2019-14226
OX App Suite through 7.10.2 has Insecure Permissions. OX App Suite hasta la versión 7.10.2 tiene permisos inseguros. Various Open-Xchange OX App Suite versions suffer from server-side request forgery, cross site scripting, information disclosure, and improper access control vulnerabilities. • http://packetstormsecurity.com/files/154826/Open-Xchange-OX-App-Suite-SSRF-XSS-Information-Disclosure-Access-Controls.html https://seclists.org/fulldisclosure/2019/Oct/25 • CWE-281: Improper Preservation of Permissions •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 1CVE-2019-11806 – Open-Xchange OX App Suite Content Spoofing / Cross Site Scripting
https://notcve.org/view.php?id=CVE-2019-11806
OX App Suite 7.10.1 and earlier has Insecure Permissions. OX App Suite 7.10.1 y versiones anteriores tienen permisos inseguros. Open-Xchange OX App Suite suffers from a content spoofing, cross site scripting, and information disclosure vulnerabilities. Versions affected vary depending on the vulnerability. • http://packetstormsecurity.com/files/154128/Open-Xchange-OX-App-Suite-Content-Spoofing-Cross-Site-Scripting.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13667
https://notcve.org/view.php?id=CVE-2017-13667
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF. OX Software GmbH OX App Suite 7.8.4 y anteriores, se ven afectados por: SSRF. • http://ox.com https://documentation.open-xchange.com/7.8.3/release-notes/release-notes.html • CWE-918: Server-Side Request Forgery (SSRF) •