CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
Percentile
37.2%
OX App Suite through 7.10.6 allows XSS via a deep link, as demonstrated by class=“deep-link-app” for a /#!!&app=%2e./ URI.
Vendor | Product | Version | CPE |
---|---|---|---|
open-xchange | open-xchange_appsuite | * | cpe:2.3:a:open-xchange:open-xchange_appsuite:*:*:*:*:*:*:*:* |
open-xchange | open-xchange_appsuite | 7.10.5 | cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:-:*:*:*:*:*:* |
open-xchange | open-xchange_appsuite | 7.10.5 | cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_5961:*:*:*:*:*:* |
open-xchange | open-xchange_appsuite | 7.10.5 | cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_5973:*:*:*:*:*:* |
open-xchange | open-xchange_appsuite | 7.10.5 | cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_5976:*:*:*:*:*:* |
open-xchange | open-xchange_appsuite | 7.10.5 | cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_5982:*:*:*:*:*:* |
open-xchange | open-xchange_appsuite | 7.10.5 | cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_5989:*:*:*:*:*:* |
open-xchange | open-xchange_appsuite | 7.10.5 | cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_5994:*:*:*:*:*:* |
open-xchange | open-xchange_appsuite | 7.10.5 | cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6000:*:*:*:*:*:* |
open-xchange | open-xchange_appsuite | 7.10.5 | cpe:2.3:a:open-xchange:open-xchange_appsuite:7.10.5:patch_release_6003:*:*:*:*:*:* |