VYPR

Vendor CVEs

Open-Xchange

All CVEs

256 total · sorted by risk
  • CVE-2018-5752 · High · Jun 16, 2018
    risk 0.61 · cvss 8.8 · epss 0.08

    The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors involving non-decimal representations…

  • CVE-2024-4367 · High · May 14, 2024
    risk 0.59 · cvss 8.8 · epss 0.73

    A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.

  • CVE-2015-8542 · High · Dec 15, 2016
    risk 0.57 · cvss 8.8 · epss 0.02

    An issue was discovered in Open-Xchange Guard before 2.2.0-rev8. The "getprivkeybyid" API call is used to download a PGP Private Key for a specific user after providing authentication credentials. Clients provide the "id" and "cid" parameter to specify the current user by its…

  • CVE-2025-30188 · High · Oct 31, 2025
    risk 0.49 · cvss 7.5 · epss 0.00

    Malicious or unintentional API requests can be used to add a significant amount of data to caches. Caches may evict information that is required to operate the web frontend, which leads to unavailability of the component. Please deploy the provided updates and patch releases. No…

  • CVE-2016-4028 · High · Dec 15, 2016
    risk 0.49 · cvss 7.5 · epss 0.01

    An issue was discovered in Open-Xchange OX Guard before 2.4.0-rev8. OX Guard uses an authentication token to identify and transfer guest users' credentials. The OX Guard API acts as a padding oracle by responding with different error codes depending on whether the provided…

  • CVE-2026-27851 · High · May 12, 2026
    risk 0.48 · cvss 7.4 · epss 0.00

    When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe data to be unescaped. This can enable SQL / LDAP injection attacks when used in authentication. Avoid using safe filter until on…

  • CVE-2016-3174 · High · Dec 15, 2016
    risk 0.48 · cvss 7.4 · epss 0.01

    An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. The "defer" servlet offers to redirect a client to a specified URL. Since some checks were missing, arbitrary URLs could be provided as redirection target. Users can be tricked to follow a link to a…

  • CVE-2018-5753 · Medium · Jun 16, 2018
    risk 0.46 · cvss 6.5 · epss 0.08

    The frontend component in Open-Xchange OX App Suite before 7.6.3-rev31, 7.8.x before 7.8.2-rev31, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev20 allows remote attackers to spoof the origin of e-mails via unicode characters in the "personal part" of a (1) From or (2)…

  • CVE-2018-5751 · Medium · Jun 16, 2018
    risk 0.46 · cvss 6.5 · epss 0.09

    The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 allows remote authenticated users to obtain sensitive information about external guest users via vectors related to the…

  • CVE-2017-17062 · Medium · Jun 16, 2018
    risk 0.46 · cvss 6.5 · epss 0.04

    The backend component in Open-Xchange OX App Suite before 7.6.3-rev35, 7.8.x before 7.8.2-rev38, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev19 allows remote authenticated users to save arbitrary user attributes by leveraging improper privilege management.

  • CVE-2026-24031 · High · Mar 27, 2026
    risk 0.43 · cvss 7.7 · epss 0.00

    Dovecot SQL based authentication can be bypassed when auth_username_chars is cleared by admin. This vulnerability allows bypassing authentication for any user and user enumeration. Do not clear auth_username_chars. If this is not possible, install latest fixed version. No…

  • CVE-2016-6854 · Medium · Dec 15, 2016
    risk 0.43 · cvss 6.1 · epss 0.02

    An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code which got injected to a mail with inline PGP signature gets executed when verifying the signature. Malicious script code can be executed within a user's context. This can lead to session hijacking or…

  • CVE-2016-6853 · Medium · Dec 15, 2016
    risk 0.43 · cvss 6.1 · epss 0.02

    An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code and references to external websites can be injected to the names of PGP public keys. When requesting that key later on using a specific URL, such script code might get executed. In case of injecting…

  • CVE-2016-6851 · Medium · Dec 15, 2016
    risk 0.43 · cvss 6.1 · epss 0.03

    An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code can be provided as parameter to the OX Guard guest reader web application. This allows cross-site scripting attacks against arbitrary users since no prior authentication is needed. Malicious script…

  • CVE-2016-5740 · Medium · Dec 15, 2016
    risk 0.43 · cvss 6.1 · epss 0.04

    An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev5. JavaScript code can be used as part of ical attachments within scheduling E-Mails. This content, for example an appointment's location, will be presented to the user at the E-Mail App, depending on the…

  • CVE-2026-27858 · High · Mar 27, 2026
    risk 0.42 · cvss 7.5 · epss 0.01

    Attacker can send a specifically crafted message before authentication that causes managesieve to allocate a large amount of memory. Attacker can force managesieve-login to be unavailable by repeatedly crashing the process. Protect access to managesieve protocol, or install…

  • CVE-2025-59032 · High · Mar 27, 2026
    risk 0.42 · cvss 7.5 · epss 0.01

    ManageSieve AUTHENTICATE command crashes when using literal as SASL initial response. This can be used to crash ManageSieve service repeatedly, making it unavailable for other users. Control access to ManageSieve port, or disable the service if it's not needed. Alternatively…

  • CVE-2024-23188 · Medium · May 6, 2024
    risk 0.42 · cvss 6.5 · epss 0.01

    Maliciously crafted E-Mail attachment names could be used to temporarily execute script code in the context of the user's browser session. Common user interaction is required for the vulnerability to trigger. Attackers could perform malicious API requests or extract information…

  • CVE-2018-9998 · Medium · Jul 5, 2018
    risk 0.42 · cvss 6.5 · epss 0.02

    Open-Xchange OX App Suite before 7.6.3-rev37, 7.8.x before 7.8.2-rev40, 7.8.3 before 7.8.3-rev48, and 7.8.4 before 7.8.4-rev28 include folder names in API error responses, which allows remote attackers to obtain sensitive information via the folder parameter in an "all" action…

  • CVE-2026-27856 · High · Mar 27, 2026
    risk 0.41 · cvss 7.4 · epss 0.00

    Doveadm credentials are verified using direct comparison, which is susceptible to a timing oracle attack. An attacker can use this to determine the configured credentials. Figuring out the credential will lead to full access to the affected component. Limit access to the doveadm…

  • CVE-2025-59025 · Medium · Nov 27, 2025
    risk 0.40 · cvss 6.1 · epss 0.00

    Malicious e-mail content can be used to execute script code. Unintended actions can be executed in the context of the user's account, including exfiltration of sensitive information. Sanitization has been updated to avoid such bypasses. No publicly available exploits are known.

  • CVE-2024-23192 · Medium · Apr 8, 2024
    risk 0.40 · cvss 6.1 · epss 0.01

    RSS feeds that contain malicious data- attributes could be abused to inject script code into a user's browser session when reading compromised RSS feeds or successfully luring users to compromised accounts. Attackers could perform malicious API requests or extract information from…

  • CVE-2018-9997 · Medium · Jul 5, 2018
    risk 0.40 · cvss 6.1 · epss 0.02

    Cross-site scripting (XSS) vulnerability in mail compose in Open-Xchange OX App Suite before 7.6.3-rev31, 7.8.x before 7.8.2-rev31, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev28 allows remote attackers to inject arbitrary web script or HTML via the data-target attribute…

  • CVE-2015-1588 · Medium · Jun 8, 2017
    risk 0.40 · cvss 6.1 · epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Server 6 and OX AppSuite before 7.4.2-rev43, 7.6.0-rev38, and 7.6.1-rev21.

  • CVE-2016-6846 · Medium · Mar 29, 2017
    risk 0.40 · cvss 6.1 · epss 0.01

    Cross-site scripting (XSS) vulnerability in Open-Xchange (OX) AppSuite backend before 7.6.2-rev59, 7.8.0 before 7.8.0-rev38, 7.8.2 before 7.8.2-rev8; AppSuite frontend before 7.6.2-rev47, 7.8.0 before 7.8.0-rev30, and 7.8.2 before 7.8.2-rev8; Office Web before 7.6.2-rev16, 7.8.0…

  • CVE-2016-6850 · Medium · Dec 15, 2016
    risk 0.40 · cvss 6.1 · epss 0.01

    An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. SVG files can be used as profile pictures. In case their XML structure contains iframes and script code, that code may get executed when calling the related picture URL or viewing the related person's image…

  • CVE-2016-6847 · Medium · Dec 15, 2016
    risk 0.40 · cvss 6.1 · epss 0.01

    An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. SVG files can be used as mp3 album covers. In case their XML structure contains script code, that code may get executed when calling the related cover URL. Malicious script code can be executed within a…

  • CVE-2016-6845 · Medium · Dec 15, 2016
    risk 0.40 · cvss 6.1 · epss 0.01

    An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Script code within hyperlinks at HTML E-Mails is not getting correctly sanitized when using base64 encoded "data" resources. This allows an attacker to provide hyperlinks that may execute script code instead…

  • CVE-2016-6844 · Medium · Dec 15, 2016
    risk 0.40 · cvss 6.1 · epss 0.01

    An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Script code within SVG files is maintained when opening such files "in browser" based on our Mail or Drive app. In case of "a" tags, this may include link targets with base64 encoded "data" references.…

  • CVE-2016-6843 · Medium · Dec 15, 2016
    risk 0.40 · cvss 6.1 · epss 0.01

    An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Script code can be injected to contact names. When adding those contacts to a group, the script code gets executed in the context of the user which creates or changes the group by using autocomplete. In most…

  • CVE-2016-6842 · Medium · Dec 15, 2016
    risk 0.40 · cvss 6.1 · epss 0.01

    An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Setting the user's name to JS code makes that code execute when selecting that user's "Templates" folder from OX Documents settings. This requires the folder to be shared to the victim. Malicious script code…

  • CVE-2016-5124 · Medium · Dec 15, 2016
    risk 0.40 · cvss 6.1 · epss 0.01

    An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev14. Adding images from external sources to HTML editors by drag&drop can potentially lead to script code execution in the context of the active user. To exploit this, a user needs to be tricked to use an image…

  • CVE-2016-4045 · Medium · Dec 15, 2016
    risk 0.40 · cvss 6.1 · epss 0.01

    An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. Script code can be embedded to RSS feeds using a URL notation. In case a user clicks the corresponding link at the RSS reader of App Suite, code gets executed at the context of the user. Malicious script…

  • CVE-2016-4026 · Medium · Dec 15, 2016
    risk 0.40 · cvss 6.1 · epss 0.01

    An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The content sanitizer component has an issue with filtering malicious content in case invalid HTML code is provided. In such cases the filter will output an unsanitized representation of the content.…

  • CVE-2016-2840 · Medium · Dec 15, 2016
    risk 0.40 · cvss 6.1 · epss 0.02

    An issue was discovered in Open-Xchange Server 6 / OX AppSuite before 7.8.0-rev26. The "session" parameter for file-download requests can be used to inject script code that gets reflected through the subsequent status page. Malicious script code can be executed within a trusted…

  • CVE-2018-5755 · Medium · Jun 16, 2018
    risk 0.39 · cvss 5.5 · epss 0.08

    Absolute path traversal vulnerability in the readerengine component in Open-Xchange OX App Suite before 7.6.3-rev3, 7.8.x before 7.8.2-rev4, 7.8.3 before 7.8.3-rev5, and 7.8.4 before 7.8.4-rev4 allows remote attackers to read arbitrary files via a full pathname in a formula in a…

  • CVE-2018-5754 · Medium · Jun 16, 2018
    risk 0.38 · cvss 5.4 · epss 0.03

    Cross-site scripting (XSS) vulnerability in the office-web component in Open-Xchange OX App Suite before 7.8.3-rev12 and 7.8.4 before 7.8.4-rev9 allows remote attackers to inject arbitrary web script or HTML via a crafted presentation file, related to copying content to the…

  • CVE-2016-4046 · Medium · Dec 15, 2016
    risk 0.38 · cvss 5.8 · epss 0.01

    An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The API to configure external mail accounts can be abused to map and access network components within the trust boundary of the operator. Users can inject arbitrary hosts and ports to API calls. Depending…

  • CVE-2026-27855 · Medium · Mar 27, 2026
    risk 0.37 · cvss 6.8 · epss 0.00

    Dovecot OTP authentication is vulnerable to replay attack under specific conditions. If auth cache is enabled, and username is altered in passdb, then OTP credentials can be cached so that same OTP reply is valid. An attacker able to observe an OTP exchange is able to log in as…

  • CVE-2016-6848 · Medium · Dec 15, 2016
    risk 0.36 · cvss 5.5 · epss 0.00

    An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client ("Reflected File Download"). Malicious platform specific (e.g. Microsoft Windows) batch file can be created via a…

  • CVE-2025-30186 · Medium · Nov 27, 2025
    risk 0.35 · cvss 5.4 · epss 0.00

    Malicious content uploaded as a file can be used to execute script code when following attacker-controlled links. Unintended actions can be executed in the context of the user's account, including exfiltration of sensitive information. Please deploy the provided updates and patch…

  • CVE-2025-30191 · Medium · Oct 31, 2025
    risk 0.35 · cvss 5.4 · epss 0.00

    Malicious content from E-Mail can be used to perform a redressing attack. Users can be tricked to perform unintended actions or provide sensitive information to a third party which would enable further threats. Attribute values containing HTML fragments are now denied by the…

  • CVE-2024-23191 · Medium · Apr 8, 2024
    risk 0.35 · cvss 5.4 · epss 0.01

    Upsell advertisement information of an account can be manipulated to execute script code in the context of the user's browser session. To exploit this an attacker would require temporary access to a user's account or a successful social engineering attack to lure users to…

  • CVE-2024-23190 · Medium · Apr 8, 2024
    risk 0.35 · cvss 5.4 · epss 0.01

    Upsell shop information of an account can be manipulated to execute script code in the context of the user's browser session. To exploit this an attacker would require temporary access to a user's account or a successful social engineering attack to lure users to maliciously…

  • CVE-2024-23189 · Medium · Apr 8, 2024
    risk 0.35 · cvss 5.4 · epss 0.01

    Embedded content references at tasks could be used to temporarily execute script code in the context of the user's browser session. To exploit this an attacker would require temporary access to the user's account, access to another account within the same context or a successful…

  • CVE-2014-2078 · Medium · Apr 10, 2018
    risk 0.35 · cvss 5.3 · epss 0.01

    The backend in Open-Xchange (OX) AppSuite 7.4.2 before 7.4.2-rev9 allows remote attackers to obtain sensitive information about user email addresses in opportunistic circumstances by leveraging a failure in e-mail auto configuration for external accounts.

  • CVE-2016-3173 · Medium · Dec 15, 2016
    risk 0.35 · cvss 5.4 · epss 0.01

    An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. The aria-label parameter of tiles at the Portal can be used to inject script code. Those labels use the name of the file (e.g. an image) which gets displayed at the portal application. Using script code at…

  • CVE-2026-40016 · Medium · May 12, 2026
    risk 0.34 · cvss 5.3 · epss 0.00

    Attacker can upload a malicious Sieve script over the ManageSieve service (or locally) to bypass configured CPU time limits for Sieve by up to 130 times the configured limit. Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts.…

  • CVE-2024-25584 · Medium · Sep 6, 2024
    risk 0.34 · cvss 5.3 · epss 0.00

    Dovecot accepts the dot LF DOT LF symbol as the end of the DATA command. The RFC requires that it should always be CR LF DOT CR LF. This causes Dovecot to convert a single mail with LF DOT LF in the middle into two emails when relaying to SMTP. Dovecot will split mail with LF DOT LF into two mails.…

  • CVE-2018-5756 · Medium · Jun 16, 2018
    risk 0.31 · cvss 4.3 · epss 0.06

    The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 does not properly check for folder-to-object association, which allows remote authenticated users to delete arbitrary tasks via…

Page 1 of 6