CVE-2013-2583
Open-Xchange AppSuite & Server <6.20.7-7.0.2 - XSS
Title source: llmDescription
Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite and Server before 6.20.7 rev16, 6.22.0 before rev15, 6.22.1 before rev17, 7.0.1 before rev6, and 7.0.2 before rev7 allow remote attackers to inject arbitrary web script or HTML via (1) a javascript: URL, (2) malformed nested SCRIPT elements, (3) a mail signature, or (4) JavaScript code within an image file.
Scores
EPSS
0.0022
EPSS Percentile
45.0%
Details
CWE
CWE-79
Status
published
Products (11)
open-xchange/open-xchange_appsuite
open-xchange/open-xchange_appsuite
open-xchange/open-xchange_appsuite
open-xchange/open-xchange_appsuite
open-xchange/open-xchange_appsuite
open-xchange/open-xchange_server
open-xchange/open-xchange_server
open-xchange/open-xchange_server
open-xchange/open-xchange_server
open-xchange/open-xchange_server
... and 1 more
Published
Sep 05, 2013
Tracked Since
Feb 18, 2026