CVE-2013-5690
Open-xchange Appsuite < 7.2.1 - XSS
Title source: ruleDescription
Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite before 7.2.2 allow remote authenticated users to inject arbitrary web script or HTML via (1) content with the text/xml MIME type or (2) the Status comment field of an appointment.
Scores
EPSS
0.0016
EPSS Percentile
36.5%
Details
CWE
CWE-79
Status
published
Products (8)
open-xchange/open-xchange_appsuite
< 7.2.1
open-xchange/open-xchange_appsuite
open-xchange/open-xchange_appsuite
open-xchange/open-xchange_appsuite
open-xchange/open-xchange_appsuite
open-xchange/open-xchange_appsuite
open-xchange/open-xchange_appsuite
n/a/n/a
Published
Oct 03, 2013
Tracked Since
Feb 18, 2026