Vulnerability CVE-2022-37307


Published: 2022-12-26

Description:
OX App Suite through 7.10.6 allows XSS via XHTML CDATA for a snippet, as demonstrated by the onerror attribute of an IMG element within an e-mail signature.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
OX App Suite 7.10.6 Cross Site Scripting / SSRF / Resource Consumption
Martin Heiland
01.12.2022

 References:
https://seclists.org/fulldisclosure/2022/Nov/18
https://open-xchange.com

Copyright 2024, cxsecurity.com

 

Back to Top