CVE-2022-29852: XSS
First published: Mon Dec 26 2022(Updated: )
OX App Suite through 8.2 allows XSS because BMFreehand10 and image/x-freehand are not blocked.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Open-xchange Open-xchange Appsuite | <7.10.5 | |
| Open-xchange Open-xchange Appsuite | >=8.2<8.2.324 | |
| Open-xchange Open-xchange Appsuite | =7.10.5 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_5961 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_5973 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_5976 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_5982 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_5989 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_5994 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6000 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6003 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6008 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6010 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6016 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6020 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6026 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6029 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6034 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6035 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6038 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6046 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6051 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6053 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6060 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6061 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6066 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6068 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6072 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6079 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6084 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6092 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6101 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6111 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6120 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6132 | |
| Open-xchange Open-xchange Appsuite | =7.10.6 | |
| Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6069 | |
| Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6073 | |
| Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6080 | |
| Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6085 | |
| Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6093 | |
| Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6102 | |
| Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6112 | |
| Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6121 | |
| Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6133 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2022-29852.
What is the severity of CVE-2022-29852?
The severity of CVE-2022-29852 is medium with a CVSS score of 5.4.
What software is affected by CVE-2022-29852?
Open-xchange Open-xchange Appsuite versions up to 8.2.324 are affected by CVE-2022-29852.
What is the impact of CVE-2022-29852?
CVE-2022-29852 allows for XSS (cross-site scripting) attacks.
How can I fix CVE-2022-29852?
To fix CVE-2022-29852, it is recommended to update to a version of Open-xchange Appsuite that is not affected by the vulnerability.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/open-xchange
- canonical/open-xchange open-xchange appsuite
- version/open-xchange open-xchange appsuite/8.2
- version/open-xchange open-xchange appsuite/7.10.5
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_5961
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_5973
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_5976
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_5982
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_5989
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_5994
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6000
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6003
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6008
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6010
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6016
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6020
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6026
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6029
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6034
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6035
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6038
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6046
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6051
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6053
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6060
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6061
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6066
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6068
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6072
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6079
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6084
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6092
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6101
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6111
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6120
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6132
- version/open-xchange open-xchange appsuite/7.10.6
- version/open-xchange open-xchange appsuite/7.10.6-patch_release_6069
- version/open-xchange open-xchange appsuite/7.10.6-patch_release_6073
- version/open-xchange open-xchange appsuite/7.10.6-patch_release_6080
- version/open-xchange open-xchange appsuite/7.10.6-patch_release_6085
- version/open-xchange open-xchange appsuite/7.10.6-patch_release_6093
- version/open-xchange open-xchange appsuite/7.10.6-patch_release_6102
- version/open-xchange open-xchange appsuite/7.10.6-patch_release_6112
- version/open-xchange open-xchange appsuite/7.10.6-patch_release_6121
- version/open-xchange open-xchange appsuite/7.10.6-patch_release_6133