Unrated severityNVD Advisory· Published Sep 5, 2013· Updated Jun 16, 2026
CVE-2013-5698
CVE-2013-5698
Description
Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite and Server before 6.22.0 rev16, 6.22.1 before rev19, 7.0.1 before rev7, 7.0.2 before rev11, and 7.2.0 before rev8 allows remote authenticated users to inject arbitrary web script or HTML via a delivery=view action, aka Bug ID 26373, a different vulnerability than CVE-2013-3106.
Affected products
11cpe:2.3:a:open-xchange:open-xchange_appsuite:6.22.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:open-xchange:open-xchange_appsuite:6.22.0:*:*:*:*:*:*:*
- cpe:2.3:a:open-xchange:open-xchange_appsuite:6.22.1:*:*:*:*:*:*:*
- cpe:2.3:a:open-xchange:open-xchange_appsuite:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:open-xchange:open-xchange_appsuite:7.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:open-xchange:open-xchange_appsuite:7.2.0:*:*:*:*:*:*:*
cpe:2.3:a:open-xchange:open-xchange_server:6.22.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:open-xchange:open-xchange_server:6.22.0:*:*:*:*:*:*:*
- cpe:2.3:a:open-xchange:open-xchange_server:6.22.1:*:*:*:*:*:*:*
- cpe:2.3:a:open-xchange:open-xchange_server:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:open-xchange:open-xchange_server:7.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:open-xchange:open-xchange_server:7.2.0:*:*:*:*:*:*:*
- Range: before 6.22.0 rev16, 6.22.1 before rev19, 7.0.1 before rev7, 7.0.2 before rev11, and 7.2.0 before rev8
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.