First published: Mon Nov 22 2021(Updated: )
chat in OX App Suite 7.10.5 has Improper Input Validation. A user can be redirected to a rogue OX Chat server via a development-related hook.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Open-xchange Ox App Suite | <=7.10.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2021-33488 is medium.
CVE-2021-33488 affects OX App Suite version 7.10.5.
CVE-2021-33488 is an Improper Input Validation vulnerability in the chat feature of OX App Suite 7.10.5.
An attacker can exploit CVE-2021-33488 by redirecting a user to a rogue OX Chat server using a development-related hook.
Yes, you can find references for CVE-2021-33488 at the following URLs: [http://packetstormsecurity.com/files/165028/OX-App-Suite-Ox-Documents-7.10.x-XSS-Code-Injection-Traversal.html](http://packetstormsecurity.com/files/165028/OX-App-Suite-Ox-Documents-7.10.x-XSS-Code-Injection-Traversal.html), [http://seclists.org/fulldisclosure/2021/Nov/42](http://seclists.org/fulldisclosure/2021/Nov/42), [https://open-xchange.com](https://open-xchange.com)