App Suite
Monthly
OX App Suite through 7.10.6 allows XSS by forcing block-wise read. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Server-side request forgery (SSRF) vulnerability in the documentconverter component in Open-Xchange (OX) AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allows remote attackers to trigger. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
OX App Suite through 7.10.6 allows XSS by forcing block-wise read. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Server-side request forgery (SSRF) vulnerability in the documentconverter component in Open-Xchange (OX) AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allows remote attackers to trigger. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.