Showing 1 - 1 of 1

CVE-2016-5740

Status Candidate

Overview

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev5. JavaScript code can be used as part of ical attachments within scheduling E-Mails. This content, for example an appointment's location, will be presented to the user at the E-Mail App, depending on the invitation workflow. This code gets executed within the context of the user's current session. Malicious script code can be executed within a user's context. This can lead to session hijacking or triggering unwanted actions via the web interface (sending mail, deleting data etc.).

Related Files

Open-Xchange App Suite 7.8.2 Cross Site Scripting: Posted Sep 13, 2016; Authored by Martin Heiland; Open-Xchange App Suite versions 7.8.2 and below suffer from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2016-5740; SHA-256 | 357ca5858f8f3f0f5e8af6faa2268fb1efd131b5eada5dfc41eb2ddb9239f572; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 247 files
Ubuntu 96 files
indoushka 49 files
Jasper Nota 25 files
Gentoo 19 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Debian 11 files
Apple 9 files
Martijn Baalman 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,085)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,534)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,603)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,440)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,724)
UNIX (9,433)
UnixWare (187)
Windows (6,668)
Other

CVE-2016-5740

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems