Vulnerabilites related to open-xchange - open-xchange_appsuite_frontend
CVE-2023-26445 (GCVE-0-2023-26445)
Vulnerability from cvelistv5
Published
2023-08-02 12:23
Modified
2024-08-02 11:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Frontend themes are defined by user-controllable jslob settings and could point to a malicious resource which gets processed during login. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We now sanitize the theme value and use a default fallback if no theme matches. No publicly available exploits are known.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OX Software GmbH | OX App Suite |
Version: 0 ≤ 7.10.6-rev27 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.637Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"frontend"
],
"product": "OX App Suite",
"vendor": "OX Software GmbH",
"versions": [
{
"lessThanOrEqual": "7.10.6-rev27",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eFrontend themes are defined by user-controllable jslob settings and could point to a malicious resource which gets processed during login. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We now sanitize the theme value and use a default fallback if no theme matches. No publicly available exploits are known.\u003c/p\u003e"
}
],
"value": "Frontend themes are defined by user-controllable jslob settings and could point to a malicious resource which gets processed during login. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We now sanitize the theme value and use a default fallback if no theme matches. No publicly available exploits are known.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-12T07:12:13.627Z",
"orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
"shortName": "OX"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
}
],
"source": {
"defect": [
"OXUIB-2282"
],
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
"assignerShortName": "OX",
"cveId": "CVE-2023-26445",
"datePublished": "2023-08-02T12:23:20.888Z",
"dateReserved": "2023-02-22T20:42:56.091Z",
"dateUpdated": "2024-08-02T11:46:24.637Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6846 (GCVE-0-2016-6846)
Vulnerability from cvelistv5
Published
2017-03-29 14:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite backend before 7.6.2-rev59, 7.8.0 before 7.8.0-rev38, 7.8.2 before 7.8.2-rev8; AppSuite frontend before 7.6.2-rev47, 7.8.0 before 7.8.0-rev30, and 7.8.2 before 7.8.2-rev8; Office Web before 7.6.2-rev16, 7.8.0 before 7.8.0-rev10, and 7.8.2 before 7.8.2-rev5; and Documentconverter-API before 7.8.2-rev5 allows remote attackers to inject arbitrary web script or HTML.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.171Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "93457",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93457"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://software.open-xchange.com/OX6/6.22/doc/Release_Notes_for_Patch_Release_3522_7.8.2_2016-08-29.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_3520_7.8.0_2016-08-29.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://software.open-xchange.com/OX6/6.22/doc/Release_Notes_for_Patch_Release_3518_7.6.2_2016-08-29.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite backend before 7.6.2-rev59, 7.8.0 before 7.8.0-rev38, 7.8.2 before 7.8.2-rev8; AppSuite frontend before 7.6.2-rev47, 7.8.0 before 7.8.0-rev30, and 7.8.2 before 7.8.2-rev8; Office Web before 7.6.2-rev16, 7.8.0 before 7.8.0-rev10, and 7.8.2 before 7.8.2-rev5; and Documentconverter-API before 7.8.2-rev5 allows remote attackers to inject arbitrary web script or HTML."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-29T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "93457",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93457"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://software.open-xchange.com/OX6/6.22/doc/Release_Notes_for_Patch_Release_3522_7.8.2_2016-08-29.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_3520_7.8.0_2016-08-29.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://software.open-xchange.com/OX6/6.22/doc/Release_Notes_for_Patch_Release_3518_7.6.2_2016-08-29.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6846",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite backend before 7.6.2-rev59, 7.8.0 before 7.8.0-rev38, 7.8.2 before 7.8.2-rev8; AppSuite frontend before 7.6.2-rev47, 7.8.0 before 7.8.0-rev30, and 7.8.2 before 7.8.2-rev8; Office Web before 7.6.2-rev16, 7.8.0 before 7.8.0-rev10, and 7.8.2 before 7.8.2-rev5; and Documentconverter-API before 7.8.2-rev5 allows remote attackers to inject arbitrary web script or HTML."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93457",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93457"
},
{
"name": "https://software.open-xchange.com/OX6/6.22/doc/Release_Notes_for_Patch_Release_3522_7.8.2_2016-08-29.pdf",
"refsource": "CONFIRM",
"url": "https://software.open-xchange.com/OX6/6.22/doc/Release_Notes_for_Patch_Release_3522_7.8.2_2016-08-29.pdf"
},
{
"name": "http://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_3520_7.8.0_2016-08-29.pdf",
"refsource": "CONFIRM",
"url": "http://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_3520_7.8.0_2016-08-29.pdf"
},
{
"name": "https://software.open-xchange.com/OX6/6.22/doc/Release_Notes_for_Patch_Release_3518_7.6.2_2016-08-29.pdf",
"refsource": "CONFIRM",
"url": "https://software.open-xchange.com/OX6/6.22/doc/Release_Notes_for_Patch_Release_3518_7.6.2_2016-08-29.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-6846",
"datePublished": "2017-03-29T14:00:00",
"dateReserved": "2016-08-18T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.171Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-4367 (GCVE-0-2024-4367)
Vulnerability from cvelistv5
Published
2024-05-14 17:21
Modified
2025-04-24 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Arbitrary JavaScript execution in PDF.js
Summary
A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Mozilla | Firefox |
Version: unspecified < 126 |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:mozilla:thunderbird:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "thunderbird",
"vendor": "mozilla",
"versions": [
{
"lessThan": "115.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "firefox",
"vendor": "mozilla",
"versions": [
{
"lessThan": "126",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:mozilla:firefox_esr:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "firefox_esr",
"vendor": "mozilla",
"versions": [
{
"lessThan": "115.11",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-4367",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T04:55:26.634778Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T14:44:59.422Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-04-24T18:19:17.818Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Aug/30"
},
{
"url": "https://github.com/mozilla/pdf.js/releases/tag/v4.2.67"
},
{
"url": "https://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js/"
},
{
"url": "https://github.com/gogs/gogs/issues/7928"
},
{
"url": "https://www.exploit-db.com/exploits/52273"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1893645"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2024-21/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2024-22/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2024-23/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "126",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.11",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "115.11",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thomas Rinsma of Codean Labs"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox \u003c 126, Firefox ESR \u003c 115.11, and Thunderbird \u003c 115.11."
}
],
"value": "A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox \u003c 126, Firefox ESR \u003c 115.11, and Thunderbird \u003c 115.11."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary JavaScript execution in PDF.js",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T16:07:35.289Z",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1893645"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-21/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-22/"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-23/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2024-4367",
"datePublished": "2024-05-14T17:21:23.486Z",
"dateReserved": "2024-04-30T19:08:43.037Z",
"dateUpdated": "2025-04-24T18:19:17.818Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26447 (GCVE-0-2023-26447)
Vulnerability from cvelistv5
Published
2023-08-02 12:23
Modified
2024-08-02 11:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
The "upsell" widget for the portal allows to specify a product description. This description taken from a user-controllable jslob did not get escaped before being added to DOM. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We now sanitize jslob content. No publicly available exploits are known.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OX Software GmbH | OX App Suite |
Version: 0 ≤ 7.10.6-rev27 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.559Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"frontend"
],
"product": "OX App Suite",
"vendor": "OX Software GmbH",
"versions": [
{
"lessThanOrEqual": "7.10.6-rev27",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe \u0026quot;upsell\u0026quot; widget for the portal allows to specify a product description. This description taken from a user-controllable jslob did not get escaped before being added to DOM. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We now sanitize jslob content. No publicly available exploits are known.\u003c/p\u003e"
}
],
"value": "The \"upsell\" widget for the portal allows to specify a product description. This description taken from a user-controllable jslob did not get escaped before being added to DOM. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We now sanitize jslob content. No publicly available exploits are known.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-12T07:11:58.378Z",
"orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
"shortName": "OX"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
}
],
"source": {
"defect": [
"OXUIB-2284"
],
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
"assignerShortName": "OX",
"cveId": "CVE-2023-26447",
"datePublished": "2023-08-02T12:23:28.606Z",
"dateReserved": "2023-02-22T20:42:56.091Z",
"dateUpdated": "2024-08-02T11:46:24.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26449 (GCVE-0-2023-26449)
Vulnerability from cvelistv5
Published
2023-08-02 12:23
Modified
2024-08-02 11:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
The "OX Chat" web service did not specify a media-type when processing responses by external resources. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We are now defining the accepted media-type to avoid code execution. No publicly available exploits are known.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OX Software GmbH | OX App Suite |
Version: 0 ≤ 7.10.6-rev27 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.657Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"frontend"
],
"product": "OX App Suite",
"vendor": "OX Software GmbH",
"versions": [
{
"lessThanOrEqual": "7.10.6-rev27",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe \u0026quot;OX Chat\u0026quot; web service did not specify a media-type when processing responses by external resources. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We are now defining the accepted media-type to avoid code execution. No publicly available exploits are known.\u003c/p\u003e"
}
],
"value": "The \"OX Chat\" web service did not specify a media-type when processing responses by external resources. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We are now defining the accepted media-type to avoid code execution. No publicly available exploits are known.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-12T07:11:41.641Z",
"orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
"shortName": "OX"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
}
],
"source": {
"defect": [
"OXUIB-2286"
],
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
"assignerShortName": "OX",
"cveId": "CVE-2023-26449",
"datePublished": "2023-08-02T12:23:37.133Z",
"dateReserved": "2023-02-22T20:42:56.091Z",
"dateUpdated": "2024-08-02T11:46:24.657Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26450 (GCVE-0-2023-26450)
Vulnerability from cvelistv5
Published
2023-08-02 12:23
Modified
2024-08-02 11:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
The "OX Count" web service did not specify a media-type when processing responses by external resources. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We are now defining the accepted media-type to avoid code execution. No publicly available exploits are known.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OX Software GmbH | OX App Suite |
Version: 0 ≤ 7.10.6-rev27 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.696Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"frontend"
],
"product": "OX App Suite",
"vendor": "OX Software GmbH",
"versions": [
{
"lessThanOrEqual": "7.10.6-rev27",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe \u0026quot;OX Count\u0026quot; web service did not specify a media-type when processing responses by external resources. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We are now defining the accepted media-type to avoid code execution. No publicly available exploits are known.\u003c/p\u003e"
}
],
"value": "The \"OX Count\" web service did not specify a media-type when processing responses by external resources. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We are now defining the accepted media-type to avoid code execution. No publicly available exploits are known.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-12T07:11:32.841Z",
"orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
"shortName": "OX"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
}
],
"source": {
"defect": [
"OXUIB-2287"
],
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
"assignerShortName": "OX",
"cveId": "CVE-2023-26450",
"datePublished": "2023-08-02T12:23:43.953Z",
"dateReserved": "2023-02-22T20:42:56.091Z",
"dateUpdated": "2024-08-02T11:46:24.696Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26448 (GCVE-0-2023-26448)
Vulnerability from cvelistv5
Published
2023-08-02 12:23
Modified
2024-08-02 11:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Custom log-in and log-out locations are used-defined as jslob but were not checked to contain malicious protocol handlers. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We now sanitize jslob content for those locations to avoid redirects to malicious content. No publicly available exploits are known.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OX Software GmbH | OX App Suite |
Version: 0 ≤ 7.10.6-rev27 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.702Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"frontend"
],
"product": "OX App Suite",
"vendor": "OX Software GmbH",
"versions": [
{
"lessThanOrEqual": "7.10.6-rev27",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eCustom log-in and log-out locations are used-defined as jslob but were not checked to contain malicious protocol handlers. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We now sanitize jslob content for those locations to avoid redirects to malicious content. No publicly available exploits are known.\u003c/p\u003e"
}
],
"value": "Custom log-in and log-out locations are used-defined as jslob but were not checked to contain malicious protocol handlers. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We now sanitize jslob content for those locations to avoid redirects to malicious content. No publicly available exploits are known.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-12T07:11:49.742Z",
"orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
"shortName": "OX"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
}
],
"source": {
"defect": [
"OXUIB-2285"
],
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
"assignerShortName": "OX",
"cveId": "CVE-2023-26448",
"datePublished": "2023-08-02T12:23:33.782Z",
"dateReserved": "2023-02-22T20:42:56.091Z",
"dateUpdated": "2024-08-02T11:46:24.702Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26446 (GCVE-0-2023-26446)
Vulnerability from cvelistv5
Published
2023-08-02 12:23
Modified
2024-08-02 11:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
The users clientID at "application passwords" was not sanitized or escaped before being added to DOM. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We now sanitize the user-controllable clientID parameter. No publicly available exploits are known.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| OX Software GmbH | OX App Suite |
Version: 0 ≤ 7.10.6-rev27 Version: 0 ≤ 8.11 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:24.519Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"frontend"
],
"product": "OX App Suite",
"vendor": "OX Software GmbH",
"versions": [
{
"lessThanOrEqual": "7.10.6-rev27",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.11",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe users clientID at \u0026quot;application passwords\u0026quot; was not sanitized or escaped before being added to DOM. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We now sanitize the user-controllable clientID parameter. No publicly available exploits are known.\u003c/p\u003e"
}
],
"value": "The users clientID at \"application passwords\" was not sanitized or escaped before being added to DOM. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We now sanitize the user-controllable clientID parameter. No publicly available exploits are known.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-12T07:12:05.775Z",
"orgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
"shortName": "OX"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
}
],
"source": {
"defect": [
"OXUIB-2283"
],
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8ce71d90-2354-404b-a86e-bec2cc4e6981",
"assignerShortName": "OX",
"cveId": "CVE-2023-26446",
"datePublished": "2023-08-02T12:23:25.270Z",
"dateReserved": "2023-02-22T20:42:56.091Z",
"dateUpdated": "2024-08-02T11:46:24.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2023-08-02 13:15
Modified
2024-11-21 07:51
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
The "OX Count" web service did not specify a media-type when processing responses by external resources. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We are now defining the accepted media-type to avoid code execution. No publicly available exploits are known.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@open-xchange.com | http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html | Third Party Advisory, VDB Entry | |
| security@open-xchange.com | http://seclists.org/fulldisclosure/2023/Aug/8 | Mailing List, Third Party Advisory | |
| security@open-xchange.com | https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json | ||
| security@open-xchange.com | https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf | Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2023/Aug/8 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf | Release Notes |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| open-xchange | open-xchange_appsuite_frontend | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BFE39F-1E92-41CA-BF2B-D917F09FC31C",
"versionEndIncluding": "7.10.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The \"OX Count\" web service did not specify a media-type when processing responses by external resources. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We are now defining the accepted media-type to avoid code execution. No publicly available exploits are known.\n\n"
}
],
"id": "CVE-2023-26450",
"lastModified": "2024-11-21T07:51:29.090",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "security@open-xchange.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-02T13:15:11.160",
"references": [
{
"source": "security@open-xchange.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
},
{
"source": "security@open-xchange.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"source": "security@open-xchange.com",
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"source": "security@open-xchange.com",
"tags": [
"Release Notes"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
}
],
"sourceIdentifier": "security@open-xchange.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security@open-xchange.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-14 18:15
Modified
2025-04-24 19:15
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
5.6 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
5.6 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Summary
A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@mozilla.org | https://bugzilla.mozilla.org/show_bug.cgi?id=1893645 | Issue Tracking | |
| security@mozilla.org | https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html | Mailing List | |
| security@mozilla.org | https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html | Mailing List | |
| security@mozilla.org | https://www.mozilla.org/security/advisories/mfsa2024-21/ | Vendor Advisory | |
| security@mozilla.org | https://www.mozilla.org/security/advisories/mfsa2024-22/ | Vendor Advisory | |
| security@mozilla.org | https://www.mozilla.org/security/advisories/mfsa2024-23/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2024/Aug/30 | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=1893645 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gogs/gogs/issues/7928 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/mozilla/pdf.js/releases/tag/v4.2.67 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/52273 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.mozilla.org/security/advisories/mfsa2024-21/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.mozilla.org/security/advisories/mfsa2024-22/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.mozilla.org/security/advisories/mfsa2024-23/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox | * | |
| mozilla | thunderbird | * | |
| debian | debian_linux | 10.0 | |
| open-xchange | open-xchange_appsuite_frontend | * | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 | |
| open-xchange | open-xchange_appsuite_frontend | 7.10.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*",
"matchCriteriaId": "DCAE3CC2-8B68-45CA-BADF-3DF1AF50ECD6",
"versionEndExcluding": "115.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*",
"matchCriteriaId": "2695925F-3984-4304-A630-5FF27054F360",
"versionEndExcluding": "126.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C7339B9-8741-4320-BF1C-3BC9F1D051FF",
"versionEndExcluding": "115.11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36FAB456-0B41-41D1-996F-1E3D09610837",
"versionEndExcluding": "7.10.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:-:*:*:*:*:*:*",
"matchCriteriaId": "88333816-A52C-4532-873F-FB63F9D8EF50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision10:*:*:*:*:*:*",
"matchCriteriaId": "E7A59CB6-CC3B-456E-9D86-C4CF9E6E498A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision11:*:*:*:*:*:*",
"matchCriteriaId": "921BE65B-3D3D-4FC3-95DA-9BC952867DDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision12:*:*:*:*:*:*",
"matchCriteriaId": "B72BEA46-A56F-48C6-BA27-EEAECB5E5CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision13:*:*:*:*:*:*",
"matchCriteriaId": "FEB4F9B6-0B66-428B-99F7-65899B67661D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision14:*:*:*:*:*:*",
"matchCriteriaId": "C5D81A00-9E65-4EDC-81B4-E9BA41DAFBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision15:*:*:*:*:*:*",
"matchCriteriaId": "48ABE078-AEE4-4757-BC2A-BA93441217A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision16:*:*:*:*:*:*",
"matchCriteriaId": "F348FAF7-E5C1-4CD1-A03A-7533320F5541",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision17:*:*:*:*:*:*",
"matchCriteriaId": "099C0FAB-5E2E-4E31-890F-887866433240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision18:*:*:*:*:*:*",
"matchCriteriaId": "77C79C72-DECD-49F2-A0EA-5CC5D502A57A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision19:*:*:*:*:*:*",
"matchCriteriaId": "D6942894-A851-4E45-AFE8-980732893B8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision20:*:*:*:*:*:*",
"matchCriteriaId": "C3975146-09F6-4654-887D-4346152717FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision21:*:*:*:*:*:*",
"matchCriteriaId": "FBF5C6B3-DAF1-443D-9A2C-531C88283023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision22:*:*:*:*:*:*",
"matchCriteriaId": "D20DBECD-C640-4C00-882C-0890DA4972F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision23:*:*:*:*:*:*",
"matchCriteriaId": "9B1E6293-A648-4585-970C-D42BAECC325D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision24:*:*:*:*:*:*",
"matchCriteriaId": "E1F0C305-68E7-4D26-92AB-861656D4D60A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision25:*:*:*:*:*:*",
"matchCriteriaId": "FEA7C621-C614-471F-807C-21D3B1B4D958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision26:*:*:*:*:*:*",
"matchCriteriaId": "887D575F-E401-4C1F-ADDC-7F16E43FDFE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision27:*:*:*:*:*:*",
"matchCriteriaId": "03C62BEE-A21A-4065-B881-04BDEA26A6FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision28:*:*:*:*:*:*",
"matchCriteriaId": "5F505772-330D-40FB-A7B3-A36B67E6AC7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision29:*:*:*:*:*:*",
"matchCriteriaId": "1B4943D5-A188-4115-995A-3096455EB5AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision3:*:*:*:*:*:*",
"matchCriteriaId": "85ECCEA8-66F7-4075-A800-3E2CDE8AFE18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision30:*:*:*:*:*:*",
"matchCriteriaId": "165F7F6B-D335-46DE-8BC9-5A583B86867B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision31:*:*:*:*:*:*",
"matchCriteriaId": "C84E2AE8-2F76-4E1F-8FB4-F260B4D4EE36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision32:*:*:*:*:*:*",
"matchCriteriaId": "2597BB89-E838-4ED8-89C0-84D8C47A0A15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision33:*:*:*:*:*:*",
"matchCriteriaId": "1E1ED3FD-EAB2-41A5-93C3-E9D31AF53E2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision34:*:*:*:*:*:*",
"matchCriteriaId": "2080E636-6C5D-4432-B07B-BED2244BDB39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision35:*:*:*:*:*:*",
"matchCriteriaId": "002FC2E8-2A04-415A-9898-119A739EB0F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision36:*:*:*:*:*:*",
"matchCriteriaId": "70B28907-BAD8-4876-9C39-E980351A2470",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision37:*:*:*:*:*:*",
"matchCriteriaId": "FB937D6A-D429-4891-BB3A-28A0B039AA3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision38:*:*:*:*:*:*",
"matchCriteriaId": "99FC8686-6511-42F7-AE15-EABF3CF1063B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision39:*:*:*:*:*:*",
"matchCriteriaId": "20C91E21-36C2-4707-A328-60B93D26297C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision4:*:*:*:*:*:*",
"matchCriteriaId": "A854AAC3-3ED9-4B28-AE12-221BB21869DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision40:*:*:*:*:*:*",
"matchCriteriaId": "631CCE15-D3BB-474A-8C61-B182A7B57125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision41:*:*:*:*:*:*",
"matchCriteriaId": "626D1B88-86C2-4768-9B0F-CF675BCCE0E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision42:*:*:*:*:*:*",
"matchCriteriaId": "93648317-8C93-4212-AFE3-27B5B271A735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision43:*:*:*:*:*:*",
"matchCriteriaId": "9B5FADC4-3DE4-48FF-A1EF-897475330769",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision44:*:*:*:*:*:*",
"matchCriteriaId": "79685312-DD43-4BA8-81D1-113E967F7D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision5:*:*:*:*:*:*",
"matchCriteriaId": "F1127A48-219E-4083-A4D8-1BD47D1EC780",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision6:*:*:*:*:*:*",
"matchCriteriaId": "FC14EBB2-44E8-420A-B799-EEF5EDD25742",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision7:*:*:*:*:*:*",
"matchCriteriaId": "87F12C86-40B3-4890-8663-722402C34100",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision8:*:*:*:*:*:*",
"matchCriteriaId": "358F76F5-CCDC-4DB6-BB44-0B4D8E0028A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.10.6:revision9:*:*:*:*:*:*",
"matchCriteriaId": "2DE19BCC-A9CA-4CCC-B7DE-5A90710DD98C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox \u003c 126, Firefox ESR \u003c 115.11, and Thunderbird \u003c 115.11."
},
{
"lang": "es",
"value": "Faltaba una verificaci\u00f3n de tipo al manejar fuentes en PDF.js, lo que permitir\u00eda la ejecuci\u00f3n arbitraria de JavaScript en el contexto de PDF.js. Esta vulnerabilidad afecta a Firefox \u0026lt; 126, Firefox ESR \u0026lt; 115.11 y Thunderbird \u0026lt; 115.11."
}
],
"id": "CVE-2024-4367",
"lastModified": "2025-04-24T19:15:46.007",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-05-14T18:15:12.467",
"references": [
{
"source": "security@mozilla.org",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1893645"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2024-21/"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2024-22/"
},
{
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2024-23/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://seclists.org/fulldisclosure/2024/Aug/30"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1893645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://codeanlabs.com/blog/research/cve-2024-4367-arbitrary-js-execution-in-pdf-js/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/gogs/gogs/issues/7928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/mozilla/pdf.js/releases/tag/v4.2.67"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00012.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/52273"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2024-21/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2024-22/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2024-23/"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-754"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-02 13:15
Modified
2024-11-21 07:51
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:L
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
Frontend themes are defined by user-controllable jslob settings and could point to a malicious resource which gets processed during login. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We now sanitize the theme value and use a default fallback if no theme matches. No publicly available exploits are known.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@open-xchange.com | http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html | Third Party Advisory, VDB Entry | |
| security@open-xchange.com | http://seclists.org/fulldisclosure/2023/Aug/8 | Mailing List, Third Party Advisory | |
| security@open-xchange.com | https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json | ||
| security@open-xchange.com | https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf | Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2023/Aug/8 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf | Release Notes |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| open-xchange | open-xchange_appsuite_frontend | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BFE39F-1E92-41CA-BF2B-D917F09FC31C",
"versionEndIncluding": "7.10.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Frontend themes are defined by user-controllable jslob settings and could point to a malicious resource which gets processed during login. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We now sanitize the theme value and use a default fallback if no theme matches. No publicly available exploits are known.\n\n"
}
],
"id": "CVE-2023-26445",
"lastModified": "2024-11-21T07:51:28.217",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "security@open-xchange.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-02T13:15:10.797",
"references": [
{
"source": "security@open-xchange.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
},
{
"source": "security@open-xchange.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"source": "security@open-xchange.com",
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"source": "security@open-xchange.com",
"tags": [
"Release Notes"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
}
],
"sourceIdentifier": "security@open-xchange.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security@open-xchange.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-29 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite backend before 7.6.2-rev59, 7.8.0 before 7.8.0-rev38, 7.8.2 before 7.8.2-rev8; AppSuite frontend before 7.6.2-rev47, 7.8.0 before 7.8.0-rev30, and 7.8.2 before 7.8.2-rev8; Office Web before 7.6.2-rev16, 7.8.0 before 7.8.0-rev10, and 7.8.2 before 7.8.2-rev5; and Documentconverter-API before 7.8.2-rev5 allows remote attackers to inject arbitrary web script or HTML.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_3520_7.8.0_2016-08-29.pdf | Release Notes, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/93457 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://software.open-xchange.com/OX6/6.22/doc/Release_Notes_for_Patch_Release_3518_7.6.2_2016-08-29.pdf | Release Notes, Vendor Advisory | |
| cve@mitre.org | https://software.open-xchange.com/OX6/6.22/doc/Release_Notes_for_Patch_Release_3522_7.8.2_2016-08-29.pdf | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_3520_7.8.0_2016-08-29.pdf | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93457 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://software.open-xchange.com/OX6/6.22/doc/Release_Notes_for_Patch_Release_3518_7.6.2_2016-08-29.pdf | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://software.open-xchange.com/OX6/6.22/doc/Release_Notes_for_Patch_Release_3522_7.8.2_2016-08-29.pdf | Release Notes, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| open-xchange | documentconverter-api | 7.8.2 | |
| open-xchange | office_web | 7.6.2 | |
| open-xchange | office_web | 7.8.0 | |
| open-xchange | office_web | 7.8.2 | |
| open-xchange | open-xchange_appsuite_backend | 7.6.2 | |
| open-xchange | open-xchange_appsuite_backend | 7.8.0 | |
| open-xchange | open-xchange_appsuite_backend | 7.8.2 | |
| open-xchange | open-xchange_appsuite_frontend | 7.6.2 | |
| open-xchange | open-xchange_appsuite_frontend | 7.8.0 | |
| open-xchange | open-xchange_appsuite_frontend | 7.8.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:open-xchange:documentconverter-api:7.8.2:rev4:*:*:*:*:*:*",
"matchCriteriaId": "84AD8594-8E1B-4F60-921B-C53A924EF7D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:office_web:7.6.2:rev15:*:*:*:*:*:*",
"matchCriteriaId": "1041CD76-9C55-42A4-81B9-9149897E2FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:office_web:7.8.0:rev9:*:*:*:*:*:*",
"matchCriteriaId": "A8527183-07B0-4C15-98FD-5478C37B40D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:office_web:7.8.2:rev4:*:*:*:*:*:*",
"matchCriteriaId": "95A418D2-8171-4E73-8AE7-C7DC552CFC5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.6.2:rev58:*:*:*:*:*:*",
"matchCriteriaId": "DBA3F9E8-DF1B-462C-8FA2-2BBAD3F61274",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.8.0:rev37:*:*:*:*:*:*",
"matchCriteriaId": "90367339-5580-440F-8718-1CF142EC2412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.8.2:rev7:*:*:*:*:*:*",
"matchCriteriaId": "619D4F63-FB6F-474F-A78A-F2B5A5556878",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.6.2:rev46:*:*:*:*:*:*",
"matchCriteriaId": "3FC76B02-B27F-4FC4-BCB0-77ACBBBCA69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.8.0:rev29:*:*:*:*:*:*",
"matchCriteriaId": "6E81CCF3-6D5F-46CF-BB68-0E878B7BDFF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:7.8.2:rev7:*:*:*:*:*:*",
"matchCriteriaId": "80CCB01F-D7CC-4C4E-BC65-8A5BFB5DE06A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite backend before 7.6.2-rev59, 7.8.0 before 7.8.0-rev38, 7.8.2 before 7.8.2-rev8; AppSuite frontend before 7.6.2-rev47, 7.8.0 before 7.8.0-rev30, and 7.8.2 before 7.8.2-rev8; Office Web before 7.6.2-rev16, 7.8.0 before 7.8.0-rev10, and 7.8.2 before 7.8.2-rev5; and Documentconverter-API before 7.8.2-rev5 allows remote attackers to inject arbitrary web script or HTML."
},
{
"lang": "es",
"value": "Vulnerabilidad XSS en Open-Xchange (OX) AppSuite backend en versiones anteriores a 7.6.2-rev59, 7.8.0 en versiones anteriores a 7.8.0-rev38, 7.8.2 en versiones anteriores a 7.8.2-rev8; interfaz AppSuite en versiones anteriores a 7.6.2-rev47, 7.8.0 en versiones anteriores a 7.8.0-rev30 y 7.8.2 en versiones anteriores a 7.8.2-rev8; Office Web en versiones anteriores a 7.6.2-rev16, 7.8.0 en versiones anteriores a 7.8.0-rev10 y 7.8.2 en versiones anteriores a 7.8.2-rev5; y Documentconverter-API en versiones anteriores a 7.8.2-rev5 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios."
}
],
"id": "CVE-2016-6846",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-29T14:59:00.313",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_3520_7.8.0_2016-08-29.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93457"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://software.open-xchange.com/OX6/6.22/doc/Release_Notes_for_Patch_Release_3518_7.6.2_2016-08-29.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://software.open-xchange.com/OX6/6.22/doc/Release_Notes_for_Patch_Release_3522_7.8.2_2016-08-29.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://software.open-xchange.com/OX6/doc/Release_Notes_for_Patch_Release_3520_7.8.0_2016-08-29.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://software.open-xchange.com/OX6/6.22/doc/Release_Notes_for_Patch_Release_3518_7.6.2_2016-08-29.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://software.open-xchange.com/OX6/6.22/doc/Release_Notes_for_Patch_Release_3522_7.8.2_2016-08-29.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-02 13:15
Modified
2024-11-21 07:51
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
Custom log-in and log-out locations are used-defined as jslob but were not checked to contain malicious protocol handlers. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We now sanitize jslob content for those locations to avoid redirects to malicious content. No publicly available exploits are known.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@open-xchange.com | http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html | Third Party Advisory, VDB Entry | |
| security@open-xchange.com | http://seclists.org/fulldisclosure/2023/Aug/8 | Mailing List, Third Party Advisory | |
| security@open-xchange.com | https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json | ||
| security@open-xchange.com | https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf | Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2023/Aug/8 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf | Release Notes |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| open-xchange | open-xchange_appsuite_frontend | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BFE39F-1E92-41CA-BF2B-D917F09FC31C",
"versionEndIncluding": "7.10.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Custom log-in and log-out locations are used-defined as jslob but were not checked to contain malicious protocol handlers. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We now sanitize jslob content for those locations to avoid redirects to malicious content. No publicly available exploits are known.\n\n"
}
],
"id": "CVE-2023-26448",
"lastModified": "2024-11-21T07:51:28.737",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "security@open-xchange.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-02T13:15:11.017",
"references": [
{
"source": "security@open-xchange.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
},
{
"source": "security@open-xchange.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"source": "security@open-xchange.com",
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"source": "security@open-xchange.com",
"tags": [
"Release Notes"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
}
],
"sourceIdentifier": "security@open-xchange.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security@open-xchange.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-02 13:15
Modified
2024-11-21 07:51
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
The "upsell" widget for the portal allows to specify a product description. This description taken from a user-controllable jslob did not get escaped before being added to DOM. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We now sanitize jslob content. No publicly available exploits are known.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@open-xchange.com | http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html | Third Party Advisory, VDB Entry | |
| security@open-xchange.com | http://seclists.org/fulldisclosure/2023/Aug/8 | Mailing List, Third Party Advisory | |
| security@open-xchange.com | https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json | ||
| security@open-xchange.com | https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf | Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2023/Aug/8 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf | Release Notes |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| open-xchange | open-xchange_appsuite_frontend | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BFE39F-1E92-41CA-BF2B-D917F09FC31C",
"versionEndIncluding": "7.10.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The \"upsell\" widget for the portal allows to specify a product description. This description taken from a user-controllable jslob did not get escaped before being added to DOM. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We now sanitize jslob content. No publicly available exploits are known.\n\n"
}
],
"id": "CVE-2023-26447",
"lastModified": "2024-11-21T07:51:28.567",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "security@open-xchange.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-02T13:15:10.947",
"references": [
{
"source": "security@open-xchange.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
},
{
"source": "security@open-xchange.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"source": "security@open-xchange.com",
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"source": "security@open-xchange.com",
"tags": [
"Release Notes"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
}
],
"sourceIdentifier": "security@open-xchange.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security@open-xchange.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-02 13:15
Modified
2024-11-21 07:51
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
The "OX Chat" web service did not specify a media-type when processing responses by external resources. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We are now defining the accepted media-type to avoid code execution. No publicly available exploits are known.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@open-xchange.com | http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html | Third Party Advisory, VDB Entry | |
| security@open-xchange.com | http://seclists.org/fulldisclosure/2023/Aug/8 | Mailing List, Third Party Advisory | |
| security@open-xchange.com | https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json | ||
| security@open-xchange.com | https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf | Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2023/Aug/8 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf | Release Notes |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| open-xchange | open-xchange_appsuite_frontend | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BFE39F-1E92-41CA-BF2B-D917F09FC31C",
"versionEndIncluding": "7.10.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The \"OX Chat\" web service did not specify a media-type when processing responses by external resources. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We are now defining the accepted media-type to avoid code execution. No publicly available exploits are known.\n\n"
}
],
"id": "CVE-2023-26449",
"lastModified": "2024-11-21T07:51:28.913",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "security@open-xchange.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-02T13:15:11.090",
"references": [
{
"source": "security@open-xchange.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
},
{
"source": "security@open-xchange.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"source": "security@open-xchange.com",
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"source": "security@open-xchange.com",
"tags": [
"Release Notes"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
}
],
"sourceIdentifier": "security@open-xchange.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security@open-xchange.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-08-02 13:15
Modified
2024-11-21 07:51
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
The users clientID at "application passwords" was not sanitized or escaped before being added to DOM. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We now sanitize the user-controllable clientID parameter. No publicly available exploits are known.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@open-xchange.com | http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html | Third Party Advisory, VDB Entry | |
| security@open-xchange.com | http://seclists.org/fulldisclosure/2023/Aug/8 | Mailing List, Third Party Advisory | |
| security@open-xchange.com | https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json | ||
| security@open-xchange.com | https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf | Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2023/Aug/8 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf | Release Notes |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| open-xchange | open-xchange_appsuite_frontend | * | |
| open-xchange | open-xchange_appsuite_frontend | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BFE39F-1E92-41CA-BF2B-D917F09FC31C",
"versionEndIncluding": "7.10.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_frontend:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6778030-6B8F-43A6-984E-7C5A68645EDB",
"versionEndExcluding": "8.12",
"versionStartIncluding": "8.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The users clientID at \"application passwords\" was not sanitized or escaped before being added to DOM. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker would require temporary access to the users account or lure a user to a compromised account. We now sanitize the user-controllable clientID parameter. No publicly available exploits are known.\n\n"
}
],
"id": "CVE-2023-26446",
"lastModified": "2024-11-21T07:51:28.387",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "security@open-xchange.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-02T13:15:10.877",
"references": [
{
"source": "security@open-xchange.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
},
{
"source": "security@open-xchange.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"source": "security@open-xchange.com",
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"source": "security@open-xchange.com",
"tags": [
"Release Notes"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/173943/OX-App-Suite-SSRF-SQL-Injection-Cross-Site-Scripting.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2023/Aug/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://documentation.open-xchange.com/appsuite/security/advisories/csaf/2023/oxas-adv-2023-0003.json"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6230_7.10.6_2023-05-02.pdf"
}
],
"sourceIdentifier": "security@open-xchange.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security@open-xchange.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}