CVE-2023-24601: XSS
First published: Mon May 29 2023(Updated: )
OX App Suite before frontend 7.10.6-rev24 allows XSS via a non-app deeplink such as the jslob API's registry sub-tree.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Open-xchange Ox App Suite | =7.10.6-rev01 | |
| Open-xchange Ox App Suite | =7.10.6-rev02 | |
| Open-xchange Ox App Suite | =7.10.6-rev03 | |
| Open-xchange Ox App Suite | =7.10.6-rev04 | |
| Open-xchange Ox App Suite | =7.10.6-rev05 | |
| Open-xchange Ox App Suite | =7.10.6-rev06 | |
| Open-xchange Ox App Suite | =7.10.6-rev07 | |
| Open-xchange Ox App Suite | =7.10.6-rev08 | |
| Open-xchange Ox App Suite | =7.10.6-rev09 | |
| Open-xchange Ox App Suite | =7.10.6-rev10 | |
| Open-xchange Ox App Suite | =7.10.6-rev11 | |
| Open-xchange Ox App Suite | =7.10.6-rev12 | |
| Open-xchange Ox App Suite | =7.10.6-rev13 | |
| Open-xchange Ox App Suite | =7.10.6-rev14 | |
| Open-xchange Ox App Suite | =7.10.6-rev15 | |
| Open-xchange Ox App Suite | =7.10.6-rev16 | |
| Open-xchange Ox App Suite | =7.10.6-rev17 | |
| Open-xchange Ox App Suite | =7.10.6-rev18 | |
| Open-xchange Ox App Suite | =7.10.6-rev19 | |
| Open-xchange Ox App Suite | =7.10.6-rev20 | |
| Open-xchange Ox App Suite | =7.10.6-rev21 | |
| Open-xchange Ox App Suite | =7.10.6-rev22 | |
| Open-xchange Ox App Suite | =7.10.6-rev23 | |
| Open-xchange Ox App Suite | <7.10.6 | |
| Open-xchange Ox App Suite | =7.10.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-24601?
CVE-2023-24601 is a vulnerability in OX App Suite before frontend 7.10.6-rev24 that allows XSS via a non-app deeplink such as the jslob API's registry sub-tree.
How severe is CVE-2023-24601?
CVE-2023-24601 has a severity rating of 6.1, which is considered medium.
What software is affected by CVE-2023-24601?
OX App Suite versions 7.10.6-rev01 to 7.10.6-rev23 are affected by CVE-2023-24601.
How can I fix CVE-2023-24601?
To fix CVE-2023-24601, upgrade to OX App Suite frontend 7.10.6-rev24 or a newer version.
Where can I find more information about CVE-2023-24601?
You can find more information about CVE-2023-24601 at the following references: [link1](https://open-xchange.com), [link2](http://seclists.org/fulldisclosure/2023/May/3).
- collector/nvd-latest
- vendor/open-xchange
- vendor/ox app suite
- collector/nvd-index
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- canonical/open-xchange ox app suite
- version/open-xchange ox app suite/7.10.6-rev01
- version/open-xchange ox app suite/7.10.6-rev02
- version/open-xchange ox app suite/7.10.6-rev03
- version/open-xchange ox app suite/7.10.6-rev04
- version/open-xchange ox app suite/7.10.6-rev05
- version/open-xchange ox app suite/7.10.6-rev06
- version/open-xchange ox app suite/7.10.6-rev07
- version/open-xchange ox app suite/7.10.6-rev08
- version/open-xchange ox app suite/7.10.6-rev09
- version/open-xchange ox app suite/7.10.6-rev10
- version/open-xchange ox app suite/7.10.6-rev11
- version/open-xchange ox app suite/7.10.6-rev12
- version/open-xchange ox app suite/7.10.6-rev13
- version/open-xchange ox app suite/7.10.6-rev14
- version/open-xchange ox app suite/7.10.6-rev15
- version/open-xchange ox app suite/7.10.6-rev16
- version/open-xchange ox app suite/7.10.6-rev17
- version/open-xchange ox app suite/7.10.6-rev18
- version/open-xchange ox app suite/7.10.6-rev19
- version/open-xchange ox app suite/7.10.6-rev20
- version/open-xchange ox app suite/7.10.6-rev21
- version/open-xchange ox app suite/7.10.6-rev22
- version/open-xchange ox app suite/7.10.6-rev23
- version/open-xchange ox app suite/7.10.6