CVE-2016-4027

Name of the Vulnerable Software and Affected Versions Open-Xchange OX App Suite versions prior to 7.8.1-rev10

Description An issue in the App Suite frontend allows cookies with authentication information to be stored even when the user opts not to, specifically when using non-interactive login methods. This can lead to cookies being accessible to other users in shared environments, potentially allowing third parties to access a user's account if the user does not properly log out.

Recommendations For versions prior to 7.8.1-rev10, update to version 7.8.1-rev10 or later to resolve the issue. As a temporary workaround, consider enforcing the cookie setting through middleware configuration or ensuring users log in through the interactive login page. Additionally, users should always properly log out from their sessions to minimize the risk of exploitation.