Unrated severityNVD Advisory· Published Mar 20, 2014· Updated Jun 17, 2026
CVE-2014-2077
CVE-2014-2077
Description
Cross-site scripting (XSS) vulnerability in the frontend in Open-Xchange (OX) AppSuite 7.4.1 before 7.4.1-rev10 and 7.4.2 before 7.4.2-rev8 allows remote attackers to inject arbitrary web script or HTML via the subject of an email, involving 'the aria "tags" for screenreaders at the top bar'.
Affected products
3cpe:2.3:a:open-xchange:open-xchange_appsuite:7.4.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:open-xchange:open-xchange_appsuite:7.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:open-xchange:open-xchange_appsuite:7.4.2:*:*:*:*:*:*:*
- (no CPE)range: 7.4.1 before 7.4.1-rev10, 7.4.2 before 7.4.2-rev8
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.