Max CVSS | 5.0 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2016-4048 | 4.3 |
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. Custom messages can be shown at the login screen to notify external users about issues with sharing links. This mechanism can be abused to inject arbitrary text messages. Users
|
19-10-2018 - 15:46 | 15-12-2016 - 06:59 | |
CVE-2016-4026 | 4.3 |
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The content sanitizer component has an issue with filtering malicious content in case invalid HTML code is provided. In such cases the filter will output a unsanitized represent
|
19-10-2018 - 15:46 | 15-12-2016 - 06:59 | |
CVE-2016-4046 | 5.0 |
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The API to configure external mail accounts can be abused to map and access network components within the trust boundary of the operator. Users can inject arbitrary hosts and po
|
19-10-2018 - 15:46 | 15-12-2016 - 06:59 | |
CVE-2016-4028 | 3.5 |
An issue was discovered in Open-Xchange OX Guard before 2.4.0-rev8. OX Guard uses an authentication token to identify and transfer guest users' credentials. The OX Guard API acts as a padding oracle by responding with different error codes depending
|
19-10-2018 - 15:46 | 15-12-2016 - 06:59 | |
CVE-2016-4045 | 4.3 |
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. Script code can be embedded to RSS feeds using a URL notation. In case a user clicks the corresponding link at the RSS reader of App Suite, code gets executed at the context of
|
19-10-2018 - 15:46 | 15-12-2016 - 06:59 | |
CVE-2016-4027 | 3.5 |
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev10. App Suite frontend offers to control whether a user wants to store cookies that exceed the session duration. This functionality is useful when logging in from clients with reduc
|
19-10-2018 - 15:46 | 15-12-2016 - 06:59 | |
CVE-2016-4047 | 4.0 |
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev8. References to external Open XML document type definitions (.dtd resources) can be placed within .docx and .xslx files. Those resources were requested when parsing certain parts o
|
19-10-2018 - 15:46 | 15-12-2016 - 06:59 |