Author: Martin Heiland

Country:

Reported research: 20

Advisories

Risk	Topic & Details
Low	OX App Suite Frontend 7.10.6-rev44 Cross Site Scripting (CVE assigned) Remote \| 2024-08-26
Med.	OX App Suite 7.10.6 Cross Site Scripting / Deserialization Issue (CVE assigned) Remote \| 2024-04-11
Med.	OX App Suite XSS / Information Disclosure / Authorization Bypass (CVE assigned) Remote \| 2023-05-09
Med.	OX App Suite 7.10.6 Cross Site Scripting / SSRF / Resource Consumption (CVE assigned) Remote \| 2022-12-01
Med.	OX App Suite Cross Site Scripting / Command Injection (CVE assigned) Remote \| 2022-09-02
Med.	OX App Suite 7.10.5 Cross Site Scripting (CVE assigned) Remote \| 2022-03-22
Med.	OX Documents 7.10.5 Improper Authorization (CVE assigned) Remote \| 2021-07-21
Med.	OX App Suite / OX Guard / OX Documents SSRF / Cross Site Scripting (CVE assigned) Remote \| 2021-07-17
Med.	OX App Suite / OX Guard SSRF / DoS / Cross Site Scripting (CVE assigned) Remote \| 2021-04-30
High	OX App Suite / OX Documents 7.10.3 XSS / Server-Side Request Forgery (CVE assigned) Remote \| 2020-10-19
Low	OX App Suite / OX Documents 7.10.3 XSS / SSRF / Improper Validation (CVE assigned) Remote \| 2020-06-16
Low	OX App Suite 7.10.2 Cross Site Scripting / Improper Access Control (CVE assigned) Remote \| 2020-01-05
Low	Open-Xchange OX App Suite Content Spoofing / Cross Site Scripting (CVE assigned) \| 2019-08-17
Med.	OX App Suite 7.8.4 XSS / Privilege Management / SSRF / Traversal (CVE assigned) Remote \| 2018-06-12
Low	Open-Xchange App Suite 7.8.1 Information Disclosure (CVE assigned) Remote \| 2016-06-23
High	Open-Xchange Guard 2.2.0 / 2.0 Private Key Disclosure (CVE assigned) Remote \| 2016-03-04
Med.	Guard 2.0.0-rev7 SQL Injection (CVE assigned) Remote \| 2015-09-24
Low	Open-Xchange Server 6 / OX AppSuite Cross Site Scripting (CVE assigned) Remote \| 2015-04-28
Med.	Open-Xchange Server 6 / OX AppSuite 7.6.1 Exposure (CVE assigned) Remote \| 2015-02-13
Med.	Open-Xchange 7.6.0 XSS / SSRF / Traversal (CVE assigned) Remote \| 2014-09-16

Author: Martin Heiland

Country:

Reported research: 20

Advisories

Low

OX App Suite Frontend 7.10.6-rev44 Cross Site Scripting (CVE assigned)

Remote | 2024-08-26

Med.

OX App Suite 7.10.6 Cross Site Scripting / Deserialization Issue (CVE assigned)

Remote | 2024-04-11

Med.

OX App Suite XSS / Information Disclosure / Authorization Bypass (CVE assigned)

Remote | 2023-05-09

Med.

OX App Suite 7.10.6 Cross Site Scripting / SSRF / Resource Consumption (CVE assigned)

Remote | 2022-12-01

Med.

OX App Suite Cross Site Scripting / Command Injection (CVE assigned)

Remote | 2022-09-02

Med.

OX App Suite 7.10.5 Cross Site Scripting (CVE assigned)

Remote | 2022-03-22

Med.

OX Documents 7.10.5 Improper Authorization (CVE assigned)

Remote | 2021-07-21

Med.

OX App Suite / OX Guard / OX Documents SSRF / Cross Site Scripting (CVE assigned)

Remote | 2021-07-17

Med.

OX App Suite / OX Guard SSRF / DoS / Cross Site Scripting (CVE assigned)

Remote | 2021-04-30

High

OX App Suite / OX Documents 7.10.3 XSS / Server-Side Request Forgery (CVE assigned)

Remote | 2020-10-19

Low

OX App Suite / OX Documents 7.10.3 XSS / SSRF / Improper Validation (CVE assigned)

Remote | 2020-06-16

Low

OX App Suite 7.10.2 Cross Site Scripting / Improper Access Control (CVE assigned)

Remote | 2020-01-05

Low

Open-Xchange OX App Suite Content Spoofing / Cross Site Scripting (CVE assigned)

| 2019-08-17

Med.

OX App Suite 7.8.4 XSS / Privilege Management / SSRF / Traversal (CVE assigned)

Remote | 2018-06-12

Low

Open-Xchange App Suite 7.8.1 Information Disclosure (CVE assigned)

Remote | 2016-06-23

High

Open-Xchange Guard 2.2.0 / 2.0 Private Key Disclosure (CVE assigned)

Remote | 2016-03-04

Med.

Guard 2.0.0-rev7 SQL Injection (CVE assigned)

Remote | 2015-09-24

Low

Open-Xchange Server 6 / OX AppSuite Cross Site Scripting (CVE assigned)

Remote | 2015-04-28

Med.

Open-Xchange Server 6 / OX AppSuite 7.6.1 Exposure (CVE assigned)

Remote | 2015-02-13

Med.

Open-Xchange 7.6.0 XSS / SSRF / Traversal (CVE assigned)

Remote | 2014-09-16

Do you know.. we can display your:

- Twitter Link - Website Link - Zone-H Link - Description of profile - email (let us know if you want show public)

Let's us know! submit@cxsec.org

- Twitter Link
- Website Link
- Zone-H Link
- Description of profile
- email (let us know if you want show public)