First published: Mon Feb 12 2024(Updated: )
Processing of CID references at E-Mail can be abused to inject malicious script code that passes the sanitization engine. Malicious script code could be injected to a users sessions when interacting with E-Mails. Please deploy the provided updates and patch releases. CID handing has been improved and resulting content is checked for malicious content. No publicly available exploits are known.
Credit: security@open-xchange.com
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.