CVSS: 5.4EPSS: 0%CPEs: 45EXPL: 0CVE-2022-29853
https://notcve.org/view.php?id=CVE-2022-29853
OX App Suite through 8.2 allows XSS via a certain complex hierarchy that forces use of Show Entire Message for a huge HTML e-mail message. OX App Suite hasta 8.2 permite XSS a través de una cierta jerarquía compleja que obliga al uso de Mostrar Mensaje Completo para un mensaje de correo electrónico HTML enorme. • https://open-xchange.com https://seclists.org/fulldisclosure/2022/Sep/0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 45EXPL: 0CVE-2022-29852
https://notcve.org/view.php?id=CVE-2022-29852
OX App Suite through 8.2 allows XSS because BMFreehand10 and image/x-freehand are not blocked. OX App Suite hasta 8.2 permite XSS porque BMFreehand10 e image/x-freehand no están bloqueados. • https://open-xchange.com https://seclists.org/fulldisclosure/2022/Sep/0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •