fkie_cve-2020-8542
Vulnerability from fkie_nvd
Published
2020-06-16 14:15
Modified
2024-11-21 05:39
Severity ?
Summary
OX App Suite through 7.10.3 allows XSS.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:-:*:*:*:*:*:*",
"matchCriteriaId": "B8D06749-1B27-4C7C-9436-1AD842471D19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev1:*:*:*:*:*:*",
"matchCriteriaId": "368ECEBC-4553-4A2A-8A2A-A4B8909C321D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev10:*:*:*:*:*:*",
"matchCriteriaId": "33BFF8F7-DB19-4F7B-9FED-5D3E50E31C2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev11:*:*:*:*:*:*",
"matchCriteriaId": "8E60A592-965B-4ECD-BE52-C8BCF8164A6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev12:*:*:*:*:*:*",
"matchCriteriaId": "37DC59B1-D23F-40EB-9F54-0BBBC8FA86E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev13:*:*:*:*:*:*",
"matchCriteriaId": "91897609-C38E-47ED-9A45-34C26ACD4558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev14:*:*:*:*:*:*",
"matchCriteriaId": "68CD6B95-5EAA-4D14-8958-787E7B8ADD8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev15:*:*:*:*:*:*",
"matchCriteriaId": "A4EBEBD1-9E8A-4C18-95FA-E7D83A7DC557",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev16:*:*:*:*:*:*",
"matchCriteriaId": "6BAF8872-87D9-4271-80AA-E4200E6D8F5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev17:*:*:*:*:*:*",
"matchCriteriaId": "E0FDDD1D-7EDC-4ED8-9288-DA1976B044FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev18:*:*:*:*:*:*",
"matchCriteriaId": "AE6BC6B0-66A7-4B0A-9B11-E41A3C29064D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev19:*:*:*:*:*:*",
"matchCriteriaId": "0B981446-14BE-43A9-86FE-F282E8DA393D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev2:*:*:*:*:*:*",
"matchCriteriaId": "4190E7EF-E9BF-4B87-B5A7-F1C5639CF701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev20:*:*:*:*:*:*",
"matchCriteriaId": "DC995A29-A9DB-4160-BEAD-7E6A3606F802",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev21:*:*:*:*:*:*",
"matchCriteriaId": "890672A1-63E4-45BA-B4A7-B1DCFCE03E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev22:*:*:*:*:*:*",
"matchCriteriaId": "32AB90D5-CF22-45E4-A7E5-A3BC355C051A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev23:*:*:*:*:*:*",
"matchCriteriaId": "4287D478-7B66-4B94-AF06-FCFA3E3A49E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev24:*:*:*:*:*:*",
"matchCriteriaId": "6949270A-47D6-495B-8B3A-CC97351E0B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev25:*:*:*:*:*:*",
"matchCriteriaId": "FF8F4DA7-035F-4C6E-9E97-265CC57A548B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev26:*:*:*:*:*:*",
"matchCriteriaId": "F6C50535-9E15-418A-8908-23C247CCF861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev27:*:*:*:*:*:*",
"matchCriteriaId": "8503C015-94AF-419C-95DE-1A1043811B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev3:*:*:*:*:*:*",
"matchCriteriaId": "8DF4B515-D246-44A9-B4FA-094E33840EAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev4:*:*:*:*:*:*",
"matchCriteriaId": "20D6F057-6D60-45CD-AF64-A17655FE4332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev5:*:*:*:*:*:*",
"matchCriteriaId": "8AAEEE04-5D35-4007-9C19-47139D574C6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev6:*:*:*:*:*:*",
"matchCriteriaId": "534A44A6-9F3F-4A95-8397-1264537AF98B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev7:*:*:*:*:*:*",
"matchCriteriaId": "0FDC984D-9BA2-44A8-A448-0B5FFD3714F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev8:*:*:*:*:*:*",
"matchCriteriaId": "10C3CE2E-D599-4E7B-8DF7-CE143D38C248",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.1:rev9:*:*:*:*:*:*",
"matchCriteriaId": "5D50AB43-34ED-4514-A46D-17DCE8C0E13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2:-:*:*:*:*:*:*",
"matchCriteriaId": "A1E055C3-BE99-4EB8-8D28-1275A1607E01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2:rev1:*:*:*:*:*:*",
"matchCriteriaId": "3A43F58A-EF5F-470F-AD23-EA211A257B87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2:rev10:*:*:*:*:*:*",
"matchCriteriaId": "AF15D091-E31B-4AF7-8565-A545338443D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2:rev11:*:*:*:*:*:*",
"matchCriteriaId": "6530A58D-89B1-4991-8182-2CB39FF0607D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2:rev12:*:*:*:*:*:*",
"matchCriteriaId": "359C31C1-FC65-4DB5-AC13-78752B991D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2:rev13:*:*:*:*:*:*",
"matchCriteriaId": "20B39EEB-AE1F-41EF-BDA2-0C05583C19A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2:rev14:*:*:*:*:*:*",
"matchCriteriaId": "6814E0FE-C61F-4621-BCE9-E315FD27BDF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2:rev15:*:*:*:*:*:*",
"matchCriteriaId": "C500DC8B-1E2D-4D9E-89BF-DB1F583FCE1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2:rev16:*:*:*:*:*:*",
"matchCriteriaId": "B31AF178-6903-4C9C-85D0-4FC64B523D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2:rev17:*:*:*:*:*:*",
"matchCriteriaId": "78BBF7A1-2683-4A1A-A907-22AA08547C34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2:rev18:*:*:*:*:*:*",
"matchCriteriaId": "8E8D7027-437A-4ACA-A4A1-34F2A1E49EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2:rev19:*:*:*:*:*:*",
"matchCriteriaId": "233AF909-1320-4F50-98AE-0C3597EB77B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2:rev2:*:*:*:*:*:*",
"matchCriteriaId": "8B99076E-CAAF-478A-A6CA-5F4D555F4F13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2:rev3:*:*:*:*:*:*",
"matchCriteriaId": "71AD5083-1D8A-4F84-8263-EB724F2BAFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2:rev4:*:*:*:*:*:*",
"matchCriteriaId": "F2E2CBB1-66E4-463E-9C13-36311A5E57CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2:rev5:*:*:*:*:*:*",
"matchCriteriaId": "78419EB9-7DBD-4D86-9D9F-D207BE4A5606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2:rev6:*:*:*:*:*:*",
"matchCriteriaId": "6CFDEA47-85E0-468F-ACE1-D246C690B8D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2:rev7:*:*:*:*:*:*",
"matchCriteriaId": "51A93D40-8EC9-42FA-88B5-2C6A105D45DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2:rev8:*:*:*:*:*:*",
"matchCriteriaId": "990A037D-78A9-4BA5-B0E6-66D33B553CCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.2:rev9:*:*:*:*:*:*",
"matchCriteriaId": "84AB3311-A474-43B3-A613-F876042473A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.3:-:*:*:*:*:*:*",
"matchCriteriaId": "D3CF4C4E-3FF0-4B4A-8246-8F8981D66180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.3:rev1:*:*:*:*:*:*",
"matchCriteriaId": "3B7503E3-6317-4DD7-9EDD-AB5A0586BADE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.3:rev2:*:*:*:*:*:*",
"matchCriteriaId": "26BF76EC-F32F-4DAB-8EB0-8B24E76D2593",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.3:rev3:*:*:*:*:*:*",
"matchCriteriaId": "B031D97E-A967-4124-8A42-EFA4B3576124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.3:rev4:*:*:*:*:*:*",
"matchCriteriaId": "649774E8-6489-4AD7-95A8-AAF7154B2C05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.3:rev5:*:*:*:*:*:*",
"matchCriteriaId": "A2A1BB49-EAFD-4458-AA8B-BF4B195927C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OX App Suite through 7.10.3 allows XSS."
},
{
"lang": "es",
"value": "OX App Suite versiones hasta 7.10.3, permite un ataque de tipo XSS"
}
],
"id": "CVE-2020-8542",
"lastModified": "2024-11-21T05:39:00.043",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-16T14:15:11.617",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158932/OX-App-Suite-OX-Documents-XSS-SSRF-Bypass.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Aug/14"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/158070/OX-App-Suite-OX-Documents-7.10.3-XSS-SSRF-Improper-Validation.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.open-xchange.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158932/OX-App-Suite-OX-Documents-XSS-SSRF-Bypass.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Aug/14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/158070/OX-App-Suite-OX-Documents-7.10.3-XSS-SSRF-Improper-Validation.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Vendor Advisory"
],
"url": "https://www.open-xchange.com/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…