CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
Percentile
23.2%
OX App Suite through 8.2 allows XSS via a certain complex hierarchy that forces use of Show Entire Message for a huge HTML e-mail message.
Vendor | Product | Version | CPE |
---|---|---|---|
open-xchange | open-xchange_appsuite | * | cpe:2.3:a:open-xchange:open-xchange_appsuite:*:*:*:*:*:*:*:* |
open-xchange | open-xchange_appsuite | 7.10.5 | cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:-:*:*:*:*:*:* |
open-xchange | open-xchange_appsuite | 7.10.5 | cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_5961:*:*:*:*:*:* |
open-xchange | open-xchange_appsuite | 7.10.5 | cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_5973:*:*:*:*:*:* |
open-xchange | open-xchange_appsuite | 7.10.5 | cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_5976:*:*:*:*:*:* |
open-xchange | open-xchange_appsuite | 7.10.5 | cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_5982:*:*:*:*:*:* |
open-xchange | open-xchange_appsuite | 7.10.5 | cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_5989:*:*:*:*:*:* |
open-xchange | open-xchange_appsuite | 7.10.5 | cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_5994:*:*:*:*:*:* |
open-xchange | open-xchange_appsuite | 7.10.5 | cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6000:*:*:*:*:*:* |
open-xchange | open-xchange_appsuite | 7.10.5 | cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6003:*:*:*:*:*:* |