Unrated severityNVD Advisory· Published Jan 2, 2020· Updated Aug 6, 2024
CVE-2013-7485
CVE-2013-7485
Description
Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX) AppSuite 7.2.x before 7.2.2-rev26 and 7.4.x before 7.4.0-rev16 allows remote attackers to inject arbitrary web script or HTML via the publication name, which is not properly handled in an error message. NOTE: this vulnerability was SPLIT from CVE-2013-6242 because it affects different sets of versions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Open-Xchange (OX)/AppSuitedescription
- Range: <7.2.2-rev26, <7.4.0-rev16
Patches
Vulnerability mechanics
References
8- secunia.com/advisories/55837mitrethird-party-advisoryx_refsource_SECUNIA
- osvdb.org/100385mitrevdb-entryx_refsource_OSVDB
- packetstormsecurity.com/files/124185/Open-Xchange-frontend6-6.22.4-backend-7.4.0-Cross-Site-Scripting.htmlmitrex_refsource_MISC
- seclists.org/bugtraq/2013/Nov/127mitremailing-listx_refsource_BUGTRAQ
- www.securitytracker.com/id/1029394mitrevdb-entryx_refsource_SECTRACK
- xforce.iss.net/xforce/xfdb/89250mitrevdb-entryx_refsource_XF
- xforce.iss.net/xforce/xfdb/89251mitrevdb-entryx_refsource_XF
- forum.open-xchange.com/showthread.phpmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.