Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / open-xchange

open-xchange

272 tracked vulnerabilities.

CVE-2023-41703 MEDIUM

open-xchange_appsuite < 7.10.6 - Stored Cross-Site Scripting via Document Comment Mentions

CVE-2023-41710 MEDIUM

OX App Suite < 7.10.6 - Stored Cross-Site Scripting via Upsell Shop URL

CVE-2023-29052 MEDIUM

OX App Suite - Stored Cross-Site Scripting via Disclaimer Text

CVE-2023-29051 HIGH

OX App Suite < 7.10.6 - Unauthenticated Improper Access Control via User-Defined OXMF Templates

CVE-2023-29050 HIGH

LDAP contacts provider - Info Disclosure

CVE-2023-29049 MEDIUM

OX App Suite < 7.10.6 - Stored Cross-Site Scripting via Upsell Widget

CVE-2023-29048 HIGH

OXMF Template Engine - Command Injection

CVE-2023-29047 MEDIUM

Open-Xchange AppSuite < 7.10.6 - SQL Injection via Imageconverter API

CVE-2023-29046 MEDIUM

Open-Xchange AppSuite - Resource Exhaustion via External Connections

CVE-2023-29045 MEDIUM

Open-Xchange AppSuite - Code Injection in Document Drawing Operations

CVE-2023-29044 MEDIUM

open-xchange_appsuite < 7.10.6 - Stored Cross-Site Scripting via Document Collaboration

CVE-2023-29043 MEDIUM

Open-Xchange AppSuite - Cross-Site Scripting via Image References

CVE-2023-26456 MEDIUM

OX Guard < 2.10.7 - Stored Cross-Site Scripting via Product Name

CVE-2023-26455 MEDIUM

Open-Xchange App Suite ChronosRMIService - Unauthenticated Calendar Modification

CVE-2023-26454 HIGH

open-xchange_appsuite < 7.10.6 - SQL Injection via Image Metadata Fetch Request

CVE-2023-26453 HIGH

Open-Xchange AppSuite < 7.10.6 - SQL Injection via Image Cache Request

CVE-2023-26452 HIGH

open-xchange_appsuite < 7.10.6 - SQL Injection via Image Metadata Caching

CVE-2023-26451 HIGH

OAuth Authorization Service - Info Disclosure

CVE-2023-26450 MEDIUM

open-xchange_appsuite_frontend < 7.10.6 - Cross-Site Scripting via OX Count Web Service

CVE-2023-26449 MEDIUM

open-xchange_appsuite_frontend < 7.10.6 - Cross-Site Scripting via OX Chat Response Media-Type

CVE-2023-26448 MEDIUM

open-xchange_appsuite_frontend < 7.10.6 - Stored Cross-Site Scripting via Custom Log-in/Log-out Locations

CVE-2023-26447 MEDIUM

open-xchange_appsuite_frontend < 7.10.6 - Stored Cross-Site Scripting in Upsell Widget

CVE-2023-26446 MEDIUM

open-xchange_appsuite_frontend < 7.10.6 - Stored Cross-Site Scripting via ClientID Parameter

CVE-2023-26445 MEDIUM

Open-Xchange App Suite jslob Theme - Cross-Site Scripting

CVE-2023-26443 MEDIUM

Full-text autocomplete search - SQL Injection

Previous Page 2 of 11 Next

Products

open-xchange_appsuite 157 ox_app_suite 48 dovecot 16 open-xchange_appsuite_backend 14 open-xchange_server 13 ox_guard 11 open-xchange_appsuite_frontend 8 open-xchange_appsuite_office 4 open-xchange_documents 3 app_suite 2 open-xchange 2 documentconverter-api 1 office_web 1 ox_cloud 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy