Open-xchange Ox App Suite — known CVE vulnerabilities
Every CVE whose affected-product data names Open-xchange Ox App Suite, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (48)
CVE-2022-29851 — CVSS 9.8 (critical): documentconverter in OX App Suite through 7.10.6, in a non-default configuration with ghostscript, allows OS Command Injection because file…
CVE-2022-23100 — CVSS 9.8 (critical): OX App Suite through 7.10.6 allows OS Command Injection via Documentconverter (e.g., through an email attachment).
CVE-2022-24405 — CVSS 9.8 (critical): OX App Suite through 7.10.6 allows OS Command Injection via a serialized Java class to the Documentconverter API.
CVE-2023-29048 — CVSS 8.8 (high): A component for parsing OXMF templates could be abused to execute arbitrary system commands that would be executed as the non-privileged…
CVE-2023-29051 — CVSS 8.1 (high): User-defined OXMF templates could be used to access a limited part of the internal OX App Suite Java API. The existing switch to disable…
CVE-2023-29050 — CVSS 7.6 (high): The optional "LDAP contacts provider" could be abused by privileged users to inject LDAP filter strings that allow to access content…
CVE-2021-33491 — CVSS 6.5 (medium): OX App Suite through 7.10.5 allows Directory Traversal via ../ in an OOXML or ODF ZIP archive, because of the mishandling of relative paths…
CVE-2022-24406 — CVSS 6.5 (medium): OX App Suite through 7.10.6 allows SSRF because multipart/form-data boundaries are predictable, and this can lead to injection into…
CVE-2024-23186 — CVSS 6.5 (medium): E-Mail containing malicious display-name information could trigger client-side script execution when using specific mobile devices…
CVE-2024-23187 — CVSS 6.5 (medium): Content-ID based embedding of resources in E-Mails could be abused to trigger client-side script code when using the "show more" option…
CVE-2023-24603 — CVSS 6.5 (medium): OX App Suite before backend 7.10.6-rev37 does not check size limits when downloading, e.g., potentially allowing a crafted iCal feed to…
CVE-2021-44212 — CVSS 6.1 (medium): OX App Suite through 7.10.5 allows XSS via a trailing control character such as the SCRIPT\t substring.
CVE-2022-31468 — CVSS 6.1 (medium): OX App Suite through 8.2 allows XSS via an attachment or OX Drive content when a client uses the len or off parameter.
CVE-2021-38375 — CVSS 6.1 (medium): OX App Suite through 7.10.5 allows XSS via the alt attribute of an IMG element in a truncated e-mail message.
CVE-2021-38377 — CVSS 6.1 (medium): OX App Suite through 7.10.5 allows XSS via JavaScript code in an anchor HTML comment within truncated e-mail, because there is a…
CVE-2023-24601 — CVSS 6.1 (medium): OX App Suite before frontend 7.10.6-rev24 allows XSS via a non-app deeplink such as the jslob API's registry sub-tree.
CVE-2021-33488 — CVSS 6.1 (medium): chat in OX App Suite 7.10.5 has Improper Input Validation. A user can be redirected to a rogue OX Chat server via a development-related…
CVE-2021-33493 — CVSS 6.0 (medium): The middleware component in OX App Suite through 7.10.5 allows Code Injection via Java classes in a YAML format.
CVE-2023-29049 — CVSS 5.4 (medium): The "upsell" widget at the portal page could be abused to inject arbitrary script code. Attackers that manage to lure users to a…
CVE-2021-44211 — CVSS 5.4 (medium): OX App Suite through 7.10.5 allows XSS via the class attribute of an element in an HTML e-mail signature.
CVE-2023-41710 — CVSS 5.4 (medium): User-defined script code could be stored for a upsell related shop URL. This code was not correctly sanitized when adding it to DOM…
CVE-2021-38374 — CVSS 5.4 (medium): OX App Suite through through 7.10.5 allows XSS via a crafted snippet that has an app loader reference within an app loader URL.
CVE-2023-29052 — CVSS 5.4 (medium): Users were able to define disclaimer texts for an upsell shop dialog that would contain script code that was not sanitized correctly…
CVE-2023-24597 — CVSS 5.3 (medium): OX App Suite before frontend 7.10.6-rev24 allows the loading (without user consent) of an e-mail message's remote resources during printing.
CVE-2024-23193 — CVSS 5.3 (medium): E-Mails exported as PDF were stored in a cache that did not consider specific session information for the related user account. Users of…
CVE-2021-38376 — CVSS 5.3 (medium): OX App Suite through 7.10.5 has Incorrect Access Control for retrieval of session information via the rampup action of the login API call.
CVE-2023-24604 — CVSS 4.3 (medium): OX App Suite before backend 7.10.6-rev37 does not check HTTP header lengths when downloading, e.g., potentially allowing a crafted iCal…
CVE-2021-38378 — CVSS 4.3 (medium): OX App Suite 7.10.5 allows Information Exposure because a caching mechanism can caused a Modified By response to show a person's name.
CVE-2023-24598 — CVSS 4.3 (medium): OX App Suite before backend 7.10.6-rev37 has an information leak in the handling of distribution lists, e.g., partial disclosure of the…
CVE-2022-43698 — CVSS 4.3 (medium): OX App Suite before 7.10.6-rev30 allows SSRF because changing a POP3 account disregards the deny-list.
CVE-2023-24600 — CVSS 4.3 (medium): OX App Suite before backend 7.10.6-rev37 allows authenticated users to bypass access controls (for reading contacts) via a move to their…
CVE-2023-24599 — CVSS 4.3 (medium): OX App Suite before backend 7.10.6-rev37 allows authenticated users to change the appointments of arbitrary users via conflicting ID…
CVE-2022-43699 — CVSS 4.3 (medium): OX App Suite before 7.10.6-rev30 allows SSRF because e-mail account discovery disregards the deny-list and thus can be attacked by an…
CVE-2023-24605 — CVSS 4.2 (medium): OX App Suite before backend 7.10.6-rev37 does not enforce 2FA for all endpoints, e.g., reading from a drive, reading contact data, and…