Martin Braun

**Name of the Vulnerable Software and Affected Versions** Open-Xchange (OX) AppSuite versions 7.4.1 and earlier **Description** The issue is related to a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML. This is achieved via unspecified vectors related to crafted "<%" tags. **Recommendations** For Open-Xchange (OX) AppSuite versions 7.4.1 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Open-Xchange (OX) AppSuite version 7.4.1 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the `title` in a mail filter rule. **Recommendations** For Open-Xchange (OX) AppSuite version 7.4.1, update to a version that fixes this issue to prevent exploitation.