Vulnerability CVE-2022-37310
Published: 2022-12-26

Description:
OX App Suite through 7.10.6 allows XSS via a malicious capability to the metrics or help module, as demonstrated by a /#!!&app=io.ox/files&cap= URI.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
OX App Suite 7.10.6 Cross Site Scripting / SSRF / Resource Consumption
Martin Heiland
01.12.2022

 References:
https://seclists.org/fulldisclosure/2022/Nov/18
https://open-xchange.com
Copyright 2024, cxsecurity.com

 

Back to Top