CVE-2023-24602: XSS
First published: Mon May 29 2023(Updated: )
OX App Suite before frontend 7.10.6-rev24 allows XSS via data to the Tumblr portal widget, such as a post title.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Open-xchange Ox App Suite | =7.10.6-rev01 | |
| Open-xchange Ox App Suite | =7.10.6-rev02 | |
| Open-xchange Ox App Suite | =7.10.6-rev03 | |
| Open-xchange Ox App Suite | =7.10.6-rev04 | |
| Open-xchange Ox App Suite | =7.10.6-rev05 | |
| Open-xchange Ox App Suite | =7.10.6-rev06 | |
| Open-xchange Ox App Suite | =7.10.6-rev07 | |
| Open-xchange Ox App Suite | =7.10.6-rev08 | |
| Open-xchange Ox App Suite | =7.10.6-rev09 | |
| Open-xchange Ox App Suite | =7.10.6-rev10 | |
| Open-xchange Ox App Suite | =7.10.6-rev11 | |
| Open-xchange Ox App Suite | =7.10.6-rev12 | |
| Open-xchange Ox App Suite | =7.10.6-rev13 | |
| Open-xchange Ox App Suite | =7.10.6-rev14 | |
| Open-xchange Ox App Suite | =7.10.6-rev15 | |
| Open-xchange Ox App Suite | =7.10.6-rev16 | |
| Open-xchange Ox App Suite | =7.10.6-rev17 | |
| Open-xchange Ox App Suite | =7.10.6-rev18 | |
| Open-xchange Ox App Suite | =7.10.6-rev19 | |
| Open-xchange Ox App Suite | =7.10.6-rev20 | |
| Open-xchange Ox App Suite | =7.10.6-rev21 | |
| Open-xchange Ox App Suite | =7.10.6-rev22 | |
| Open-xchange Ox App Suite | =7.10.6-rev23 | |
| Open-xchange Ox App Suite | <7.10.6 | |
| Open-xchange Ox App Suite | =7.10.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2023-24602?
The severity of CVE-2023-24602 is medium with a CVSS score of 6.1.
How does CVE-2023-24602 affect Open-xchange Ox App Suite?
CVE-2023-24602 affects Open-xchange Ox App Suite versions 7.10.6-rev01 to 7.10.6-rev23.
What is the vulnerability type of CVE-2023-24602?
CVE-2023-24602 is a Cross-Site Scripting (XSS) vulnerability.
How can I fix CVE-2023-24602?
To fix CVE-2023-24602, update Open-xchange Ox App Suite to version 7.10.6-rev24 or later.
Are there any references for CVE-2023-24602?
Yes, you can find more information about CVE-2023-24602 at the following links: [https://open-xchange.com](https://open-xchange.com) and [http://seclists.org/fulldisclosure/2023/May/3](http://seclists.org/fulldisclosure/2023/May/3).
- collector/nvd-latest
- vendor/open-xchange
- vendor/ox app suite
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- canonical/open-xchange ox app suite
- version/open-xchange ox app suite/7.10.6-rev01
- version/open-xchange ox app suite/7.10.6-rev02
- version/open-xchange ox app suite/7.10.6-rev03
- version/open-xchange ox app suite/7.10.6-rev04
- version/open-xchange ox app suite/7.10.6-rev05
- version/open-xchange ox app suite/7.10.6-rev06
- version/open-xchange ox app suite/7.10.6-rev07
- version/open-xchange ox app suite/7.10.6-rev08
- version/open-xchange ox app suite/7.10.6-rev09
- version/open-xchange ox app suite/7.10.6-rev10
- version/open-xchange ox app suite/7.10.6-rev11
- version/open-xchange ox app suite/7.10.6-rev12
- version/open-xchange ox app suite/7.10.6-rev13
- version/open-xchange ox app suite/7.10.6-rev14
- version/open-xchange ox app suite/7.10.6-rev15
- version/open-xchange ox app suite/7.10.6-rev16
- version/open-xchange ox app suite/7.10.6-rev17
- version/open-xchange ox app suite/7.10.6-rev18
- version/open-xchange ox app suite/7.10.6-rev19
- version/open-xchange ox app suite/7.10.6-rev20
- version/open-xchange ox app suite/7.10.6-rev21
- version/open-xchange ox app suite/7.10.6-rev22
- version/open-xchange ox app suite/7.10.6-rev23
- version/open-xchange ox app suite/7.10.6