CVE-2013-2582
Open-Xchange AppSuite & Server <6.22.0-7.0.2 - Open Redirect
Title source: llmDescription
CRLF injection vulnerability in the redirect servlet in Open-Xchange AppSuite and Server before 6.22.0 rev15, 6.22.1 before rev17, 7.0.1 before rev6, and 7.0.2 before rev7 allows remote attackers to inject arbitrary HTTP headers and conduct open redirect attacks by leveraging improper sanitization of whitespace characters.
References (1)
Core 1
Core References
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2013-04/0183.html
Scores
EPSS
0.0024
EPSS Percentile
47.7%
Details
CWE
CWE-94
Status
published
Products (8)
open-xchange/open-xchange_appsuite
6.22.0
open-xchange/open-xchange_appsuite
6.22.1
open-xchange/open-xchange_appsuite
7.0.1
open-xchange/open-xchange_appsuite
7.0.2
open-xchange/open-xchange_server
6.22.0
open-xchange/open-xchange_server
6.22.1
open-xchange/open-xchange_server
7.0.1
open-xchange/open-xchange_server
7.0.2
Published
Sep 05, 2013
Tracked Since
Feb 18, 2026