Max CVSS | 7.1 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2018-5756 | 4.0 |
The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 does not properly check for folder-to-object association, which allows remote authenticated users
|
03-10-2019 - 00:03 | 16-06-2018 - 01:29 | |
CVE-2017-17062 | 4.0 |
The backend component in Open-Xchange OX App Suite before 7.6.3-rev35, 7.8.x before 7.8.2-rev38, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev19 allows remote authenticated users to save arbitrary user attributes by leveraging improper privile
|
03-10-2019 - 00:03 | 16-06-2018 - 01:29 | |
CVE-2018-5755 | 7.1 |
Absolute path traversal vulnerability in the readerengine component in Open-Xchange OX App Suite before 7.6.3-rev3, 7.8.x before 7.8.2-rev4, 7.8.3 before 7.8.3-rev5, and 7.8.4 before 7.8.4-rev4 allows remote attackers to read arbitrary files via a fu
|
03-08-2018 - 18:28 | 16-06-2018 - 01:29 | |
CVE-2018-5753 | 4.0 |
The frontend component in Open-Xchange OX App Suite before 7.6.3-rev31, 7.8.x before 7.8.2-rev31, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev20 allows remote attackers to spoof the origin of e-mails via unicode characters in the "personal pa
|
03-08-2018 - 18:19 | 16-06-2018 - 01:29 | |
CVE-2018-5752 | 6.5 |
The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors involvin
|
03-08-2018 - 17:09 | 16-06-2018 - 01:29 | |
CVE-2018-5751 | 4.0 |
The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 allows remote authenticated users to obtain sensitive information about external guest users via v
|
03-08-2018 - 17:06 | 16-06-2018 - 01:29 | |
CVE-2018-5754 | 3.5 |
Cross-site scripting (XSS) vulnerability in the office-web component in Open-Xchange OX App Suite before 7.8.3-rev12 and 7.8.4 before 7.8.4-rev9 allows remote attackers to inject arbitrary web script or HTML via a crafted presentation file, related t
|
02-08-2018 - 19:42 | 16-06-2018 - 01:29 |