RSS   Podatności dla 'Ox app suite'   RSS

2022-03-28
 
CVE-2021-44208

CWE-79
 

 
OX App Suite through 7.10.5 allows XSS via an unknown system message in Chat.

 
 
CVE-2021-44209

CWE-79
 

 
OX App Suite through 7.10.5 allows XSS via an HTML 5 element such as AUDIO.

 
 
CVE-2021-44210

CWE-79
 

 
OX App Suite through 7.10.5 allows XSS via NIFF (Notation Interchange File Format) data.

 
 
CVE-2021-44211

CWE-79
 

 
OX App Suite through 7.10.5 allows XSS via the class attribute of an element in an HTML e-mail signature.

 
 
CVE-2021-44212

CWE-79
 

 
OX App Suite through 7.10.5 allows XSS via a trailing control character such as the SCRIPT\t substring.

 
 
CVE-2021-44213

CWE-79
 

 
OX App Suite through 7.10.5 allows XSS via uuencoding in a multipart/alternative message.

 
2021-11-22
 
CVE-2021-33488

CWE-20
 

 
chat in OX App Suite 7.10.5 has Improper Input Validation. A user can be redirected to a rogue OX Chat server via a development-related hook.

 
 
CVE-2021-33489

CWE-79
 

 
OX App Suite through 7.10.5 allows XSS via JavaScript code in a shared XCF file.

 
 
CVE-2021-33490

CWE-79
 

 
OX App Suite through 7.10.5 allows XSS via a crafted snippet in a shared mail signature.

 
 
CVE-2021-33491

CWE-22
 

 
OX App Suite through 7.10.5 allows Directory Traversal via ../ in an OOXML or ODF ZIP archive, because of the mishandling of relative paths in mail addresses in conjunction with auto-configuration DNS records.

 


Copyright 2024, cxsecurity.com

 

Back to Top