CVE-2013-2583

Name of the Vulnerable Software and Affected Versions Open-Xchange AppSuite and Server versions prior to 6.20.7 rev16 Open-Xchange AppSuite and Server versions 6.22.0 prior to rev15 Open-Xchange AppSuite and Server versions 6.22.1 prior to rev17 Open-Xchange AppSuite and Server versions 7.0.1 prior to rev6 Open-Xchange AppSuite and Server versions 7.0.2 prior to rev7

Description The issue allows remote attackers to inject arbitrary web script or HTML via various means, including a javascript: URL, malformed nested SCRIPT elements, a mail signature, or JavaScript code within an image file.

Recommendations For versions prior to 6.20.7 rev16, update to version 6.20.7 rev16 or later. For versions 6.22.0 prior to rev15, update to version 6.22.0 rev15 or later. For versions 6.22.1 prior to rev17, update to version 6.22.1 rev17 or later. For versions 7.0.1 prior to rev6, update to version 7.0.1 rev6 or later. For versions 7.0.2 prior to rev7, update to version 7.0.2 rev7 or later.