PT-2020-7542 · Open Xchange · Open-Xchange Appsuite
Published
2020-01-02
·
Updated
2020-01-09
·
CVE-2013-6242
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions:
Open-Xchange (OX) AppSuite versions 6.22.3 through 6.22.3-rev4
Open-Xchange (OX) AppSuite versions 6.22.4 through 6.22.4-rev11
Description:
A cross-site scripting (XSS) issue exists in the frontend of Open-Xchange (OX) AppSuite, allowing remote attackers to inject arbitrary web script or HTML via the subject of an email.
Recommendations:
For Open-Xchange (OX) AppSuite versions 6.22.3 through 6.22.3-rev4, update to version 6.22.3-rev5 or later.
For Open-Xchange (OX) AppSuite versions 6.22.4 through 6.22.4-rev11, update to version 6.22.4-rev12 or later.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Open-Xchange Appsuite