Open-xchange Open-xchange Server — known CVE vulnerabilities
Every CVE whose affected-product data names Open-xchange Open-xchange Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2015-1588 — CVSS 6.1 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Server 6 and OX AppSuite before 7.4.2-rev43, 7.6.0-rev38, and…
CVE-2013-1651 — CVSS 5.8 (medium): OXUpdater in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not verify X.509 certificates from…
CVE-2013-1647 — CVSS 5.0 (medium): Multiple CRLF injection vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow…
CVE-2013-2582 — CVSS 5.0 (medium): CRLF injection vulnerability in the redirect servlet in Open-Xchange AppSuite and Server before 6.22.0 rev15, 6.22.1 before rev17, 7.0.1…
CVE-2015-5375 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in unspecified dialogs for printing content in the Front End in Open-Xchange Server 6 and OX App…
CVE-2013-1646 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before…
CVE-2013-1649 — CVSS 4.3 (medium): Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 uses the crypt and SHA-1 algorithms for password…
CVE-2013-2583 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite and Server before 6.20.7 rev16, 6.22.0 before rev15, 6.22.1…
CVE-2013-3106 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite and Server before 6.20.7 rev18, 6.22.0 before rev16, 6.22.1…
CVE-2013-1645 — CVSS 4.0 (medium): Directory traversal vulnerability in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allows remote…
CVE-2013-5698 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite and Server before 6.22.0 rev16, 6.22.1 before rev19, 7.0.1 before rev7…
CVE-2013-1648 — CVSS 3.5 (low): The Subscriptions feature in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not properly…
CVE-2013-1650 — CVSS 2.1 (low): Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 uses weak permissions (group "other" readable) under…