CVE-2022-29853: XSS
First published: Mon Dec 26 2022(Updated: )
OX App Suite through 8.2 allows XSS via a certain complex hierarchy that forces use of Show Entire Message for a huge HTML e-mail message.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Open-xchange Open-xchange Appsuite | <7.10.5 | |
| Open-xchange Open-xchange Appsuite | =7.10.5 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_5961 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_5973 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_5976 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_5982 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_5989 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_5994 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6000 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6003 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6008 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6010 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6016 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6020 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6026 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6029 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6034 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6035 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6038 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6046 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6051 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6053 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6060 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6061 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6066 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6068 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6072 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6079 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6084 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6092 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6101 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6111 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6120 | |
| Open-xchange Open-xchange Appsuite | =7.10.5-patch_release_6132 | |
| Open-xchange Open-xchange Appsuite | =7.10.6 | |
| Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6069 | |
| Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6073 | |
| Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6080 | |
| Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6085 | |
| Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6093 | |
| Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6102 | |
| Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6112 | |
| Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6121 | |
| Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6133 | |
| Open-xchange Open-xchange Appsuite | =8.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2022-29853?
The severity of CVE-2022-29853 is rated as medium with a CVSS score of 5.4.
How does CVE-2022-29853 impact OX App Suite versions?
CVE-2022-29853 impacts OX App Suite versions up to 8.2.
What vulnerability does CVE-2022-29853 pose in OX App Suite?
CVE-2022-29853 poses a cross-site scripting (XSS) vulnerability in OX App Suite.
Is there a patch available to address CVE-2022-29853 in Open-Xchange Open-Xchange Appsuite?
Yes, there are patches available to address CVE-2022-29853 in Open-Xchange Open-Xchange Appsuite.
Where can I find more information about CVE-2022-29853?
More information about CVE-2022-29853 can be found at the Open-Xchange website and on the seclists.org security mailing list.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/open-xchange
- canonical/open-xchange open-xchange appsuite
- version/open-xchange open-xchange appsuite/7.10.5
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_5961
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_5973
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_5976
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_5982
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_5989
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_5994
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6000
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6003
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6008
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6010
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6016
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6020
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6026
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6029
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6034
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6035
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6038
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6046
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6051
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6053
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6060
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6061
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6066
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6068
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6072
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6079
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6084
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6092
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6101
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6111
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6120
- version/open-xchange open-xchange appsuite/7.10.5-patch_release_6132
- version/open-xchange open-xchange appsuite/7.10.6
- version/open-xchange open-xchange appsuite/7.10.6-patch_release_6069
- version/open-xchange open-xchange appsuite/7.10.6-patch_release_6073
- version/open-xchange open-xchange appsuite/7.10.6-patch_release_6080
- version/open-xchange open-xchange appsuite/7.10.6-patch_release_6085
- version/open-xchange open-xchange appsuite/7.10.6-patch_release_6093
- version/open-xchange open-xchange appsuite/7.10.6-patch_release_6102
- version/open-xchange open-xchange appsuite/7.10.6-patch_release_6112
- version/open-xchange open-xchange appsuite/7.10.6-patch_release_6121
- version/open-xchange open-xchange appsuite/7.10.6-patch_release_6133
- version/open-xchange open-xchange appsuite/8.2