First published: Mon Feb 12 2024(Updated: )
User ID references at mentions in document comments were not correctly sanitized. Script code could be injected to a users session when working with a malicious document. Please deploy the provided updates and patch releases. User-defined content like comments and mentions are now filtered to avoid potentially malicious content. No publicly available exploits are known.
Credit: security@open-xchange.com
Affected Software | Affected Version | How to fix |
---|---|---|
Open-xchange Open-xchange Appsuite | <7.10.6 | |
Open-xchange Open-xchange Appsuite | >7.10.6<8.20 | |
Open-xchange Open-xchange Appsuite | =7.10.6 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6069 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6073 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6080 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6085 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6093 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6102 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6112 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6121 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6133 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6138 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6141 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6146 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6147 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6148 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6150 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6156 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6161 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6166 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6173 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6176 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6178 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6189 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6194 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6199 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6204 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6205 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6209 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6210 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6214 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6215 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6216 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6218 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6219 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6220 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6227 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6230 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6233 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6235 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6236 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6239 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6241 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6243 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6245 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6248 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6249 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6250 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6251 | |
Open-xchange Open-xchange Appsuite | =7.10.6-patch_release_6255 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.