PT-2013-5734 · Open Xchange · Open-Xchange Server+1
Publicado
2013-09-05
·
Atualizado
2013-09-06
·
CVE-2013-5698
CVSS v2.0
3.5
Baixa
| Vetor | AV:N/AC:M/Au:S/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Open-Xchange AppSuite and Server versions prior to 6.22.0 rev16
Open-Xchange AppSuite and Server versions 6.22.1 prior to rev19
Open-Xchange AppSuite and Server versions 7.0.1 prior to rev7
Open-Xchange AppSuite and Server versions 7.0.2 prior to rev11
Open-Xchange AppSuite and Server versions 7.2.0 prior to rev8
Description
A cross-site scripting (XSS) issue allows remote authenticated users to inject arbitrary web script or HTML via a delivery=view action.
Recommendations
For versions prior to 6.22.0 rev16, update to version 6.22.0 rev16 or later.
For versions 6.22.1 prior to rev19, update to version 6.22.1 rev19 or later.
For versions 7.0.1 prior to rev7, update to version 7.0.1 rev7 or later.
For versions 7.0.2 prior to rev11, update to version 7.0.2 rev11 or later.
For versions 7.2.0 prior to rev8, update to version 7.2.0 rev8 or later.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Open-Xchange Appsuite
Open-Xchange Server