CVE-2016-6844

Name of the Vulnerable Software and Affected Versions Open-Xchange OX App Suite versions prior to 7.8.2-rev8

Description An issue in Open-Xchange OX App Suite allows script code within SVG files to be maintained when opening such files in browser, based on the Mail or Drive app. This can lead to the execution of malicious script code within a user's context, potentially resulting in session hijacking or triggering unwanted actions via the web interface, such as sending mail or deleting data.

Recommendations For versions prior to 7.8.2-rev8, update to version 7.8.2-rev8 or later to resolve the issue.