CVE-2014-5234

Name of the Vulnerable Software and Affected Versions Open-Xchange (OX) AppSuite versions prior to 7.4.2-rev33 Open-Xchange (OX) AppSuite versions 7.6.x prior to 7.6.0-rev16

Description A cross-site scripting (XSS) issue exists in the backend of Open-Xchange (OX) AppSuite, allowing remote attackers to inject arbitrary web script or HTML via a folder publication name.

Recommendations For Open-Xchange (OX) AppSuite versions prior to 7.4.2-rev33, update to version 7.4.2-rev33 or later. For Open-Xchange (OX) AppSuite versions 7.6.x prior to 7.6.0-rev16, update to version 7.6.0-rev16 or later.