open-xchange

272 tracked vulnerabilities.

CVE-2013-6074
Open-Xchange AppSuite 7.2.x < 7.2.2-rev25 and 7.4.x < 7.4.0-rev14 - Cross-Site Scripting via SVG File Upload
Nov 20, 2013
EPSS 0.00
CVE-2013-6009
Open-Xchange AppSuite < 7.2.2 - CRLF Injection via AJAX/Defer Servlet
Oct 03, 2013
EPSS 0.00
CVE-2013-5690
Open-Xchange AppSuite < 7.2.2 - Authenticated Cross-Site Scripting via XML Content or Appointment Status Comment
Oct 03, 2013
EPSS 0.00
CVE-2013-5936
Open-Xchange AppSuite <7.0.2-rev15/7.2.2-rev16 - Sensitive Information Exposure via Hazelcast
Sep 25, 2013
EPSS 0.00
CVE-2013-5935
Open-Xchange AppSuite 7.0.x < 7.0.2-rev15 and 7.2.x < 7.2.2-rev16 - Unauthorized Access via Hazelcast Cluster API
Sep 25, 2013
EPSS 0.00
CVE-2013-5934
Open-Xchange AppSuite <7.0.2-rev15/7.2.2-rev16 Unauthenticated Cluster Expansion via Hardcoded Hazelcast Password
Sep 25, 2013
EPSS 0.00
CVE-2013-5200
Open-Xchange AppSuite <7.0.2-7.2.2 - Info Disclosure
Sep 25, 2013
EPSS 0.01
CVE-2013-5698
Open-Xchange AppSuite and Server - Authenticated Cross-Site Scripting via Delivery View Action
Sep 05, 2013
EPSS 0.00
CVE-2013-5035
htmlcleaner < 2.6 - Authenticated Race Condition in Email Handling
Sep 05, 2013
EPSS 0.00
CVE-2013-4790
Open-Xchange AppSuite <7.0.2-7.2.2 - Info Disclosure
Sep 05, 2013
EPSS 0.00
CVE-2013-3106
Open-Xchange AppSuite and Server < 7.2.0 rev8 - Cross-Site Scripting
Sep 05, 2013
EPSS 0.00
CVE-2013-2583
Open-Xchange AppSuite & Server <6.20.7-7.0.2 - XSS
Sep 05, 2013
EPSS 0.00
CVE-2013-2582
Open-Xchange AppSuite & Server <6.22.0-7.0.2 - Open Redirect
Sep 05, 2013
EPSS 0.00
CVE-2013-1651
Open-Xchange Server <6.20.7 rev14, 6.22.0<rev13, 6.22.1<rev14 - MITM via Unverified X.509 Certs
Sep 05, 2013
EPSS 0.01
CVE-2013-1650
Open-Xchange Server < 6.20.7 rev14, 6.22.0 < rev13, 6.22.1 < rev14 - Information Disclosure via Weak File Permissions
Sep 05, 2013
EPSS 0.01
CVE-2013-1649
Open-Xchange Server < 6.20.7 rev14, 6.22.0 < rev13, 6.22.1 < rev14 - Weak Password Hashing via crypt and SHA-1
Sep 05, 2013
EPSS 0.02
CVE-2013-1648
Open-Xchange Server < 6.20.7 rev14, 6.22.0 < rev13, 6.22.1 < rev14 - SSRF via Subscriptions Source Field
Sep 05, 2013
EPSS 0.01
CVE-2013-1647
Open-Xchange Server - HTTP Response Splitting via CRLF Injection
Sep 05, 2013
EPSS 0.01
CVE-2013-1646
Open-Xchange Server - Cross-Site Scripting via Multiple Input Vectors
Sep 05, 2013
EPSS 0.01
CVE-2013-1645
Open-Xchange Server <6.20.7 rev14, 6.22.0<rev13, 6.22.1<rev14 Authenticated Path Traversal
Sep 05, 2013
EPSS 0.02
CVE-2006-2738
Open-Xchange <0.8.2 - Info Disclosure
Jun 01, 2006
EPSS 0.01
CVE-2006-0091
Open-Xchange < 0.8.1.6 - Cross-Site Scripting via Email Attachment Rendering
Jan 05, 2006
EPSS 0.00
Products
open-xchange_appsuite 157 ox_app_suite 48 dovecot 16 open-xchange_appsuite_backend 14 open-xchange_server 13 ox_guard 11 open-xchange_appsuite_frontend 8 open-xchange_appsuite_office 4 open-xchange_documents 3 app_suite 2 open-xchange 2 documentconverter-api 1 office_web 1 ox_cloud 1
Quick Filters
Critical CVEs With Exploits In CISA KEV