Unrated severityNVD Advisory· Published Sep 5, 2013· Updated Apr 29, 2026
CVE-2013-5035
CVE-2013-5035
Description
Multiple race conditions in HtmlCleaner before 2.6, as used in Open-Xchange AppSuite 7.2.2 before rev13 and other products, allow remote authenticated users to read the private e-mail of other persons in opportunistic circumstances by leveraging lack of thread safety and performing a rapid series of (1) mail-sending or (2) draft-saving operations.
Affected products
20cpe:2.3:a:htmlcleaner_project:htmlcleaner:*:*:*:*:*:*:*:*+ 18 more
- cpe:2.3:a:htmlcleaner_project:htmlcleaner:*:*:*:*:*:*:*:*range: <=2.5
- cpe:2.3:a:htmlcleaner_project:htmlcleaner:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:htmlcleaner_project:htmlcleaner:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:htmlcleaner_project:htmlcleaner:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:htmlcleaner_project:htmlcleaner:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:htmlcleaner_project:htmlcleaner:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:htmlcleaner_project:htmlcleaner:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:htmlcleaner_project:htmlcleaner:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:htmlcleaner_project:htmlcleaner:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:htmlcleaner_project:htmlcleaner:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:htmlcleaner_project:htmlcleaner:1.6:*:*:*:*:*:*:*
- cpe:2.3:a:htmlcleaner_project:htmlcleaner:1.12:*:*:*:*:*:*:*
- cpe:2.3:a:htmlcleaner_project:htmlcleaner:1.13:*:*:*:*:*:*:*
- cpe:2.3:a:htmlcleaner_project:htmlcleaner:1.55:*:*:*:*:*:*:*
- cpe:2.3:a:htmlcleaner_project:htmlcleaner:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:htmlcleaner_project:htmlcleaner:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:htmlcleaner_project:htmlcleaner:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:htmlcleaner_project:htmlcleaner:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:htmlcleaner_project:htmlcleaner:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:open-xchange:open-xchange_appsuite:7.2.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2News mentions
0No linked articles in our index yet.