PT-2023-20625 · Ox Software Gmbh+1 · Ox App Suite+1
Foobar7
+1
·
Published
2023-06-20
·
Updated
2024-01-12
·
CVE-2023-26429
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Software (affected versions not specified)
Description
The issue arises from control characters not being removed when exporting user feedback content, allowing attackers to include unexpected content and potentially break the exported data structure. This is mitigated by dropping all control characters that are not whitespace characters during the export. No publicly available exploits are known.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ox App Suite
Open-Xchange Appsuite Backend