Open Xchange
Sign in to watchby Open-Xchange
CVEs (2)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2006-2738 | 0.00 | — | 0.01 | Jun 1, 2006 | The open source version of Open-Xchange 0.8.2 and earlier uses a static default username and password with a valid login shell in the initfile for the ldap-server, which allows remote attackers to access any server where the default has not been changed. | ||
| CVE-2006-0091 | 0.00 | — | 0.00 | Jan 5, 2006 | Cross-site scripting (XSS) vulnerability in webmail in Open-Xchange 0.8.1-6 and earlier, with "Inline HTML" enabled, allows remote attackers to inject arbitrary web script or HTML via e-mail attachments, which are rendered inline. |