Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite and Server before 6.20.7 rev18, 6.22.0 before rev16, 6.22.1 before rev19, 7.0.1 before rev7, 7.0.2 before rev11, and 7.2.0 before rev8 allow remote attackers to inject arbitrary web script or HTML via (1) embedded VBScript, (2) object/data Base64 content, (3) a Content-Type header, or (4) UTF-16 encoding, aka Bug IDs 25957, 26237, 26243, and 26244.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Open-xchange |
|
Configuration 1 [-]
|
No data.
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2013-09-05T10:00:00Z
Updated: 2024-09-17T03:47:47.749Z
Reserved: 2013-04-17T00:00:00Z
Link: CVE-2013-3106
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2013-09-05T11:44:57.690
Modified: 2013-09-26T17:35:52.043
Link: CVE-2013-3106
Redhat
No data.