Approved changes feed: RSS · Atom
cpe:2.3:a:open-xchange:app_suite:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Open Xchange (85b486f1-55be-55d2-8b83-a25950d10c23) |
|---|---|
| Product | App Suite (24e3fa8d-feb9-5cdc-b8d8-349a5a45ed5e) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:docker/iovietnam/open-xchange-appsuite |
purl2cpe | 2026-06-01 10:16:43.743189 |
pkg:npm/open-xchange-appsuite |
purl2cpe | 2026-06-01 10:16:43.743192 |
pkg:rpm/opensuse/open-xchange-appsuite |
purl2cpe | 2026-06-01 10:16:43.743195 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-23188 |
vulnerable | 2026-06-03 14:55:02.009999 |
Details available
MEDIUM (6.5)
Maliciously crafted E-Mail attachment names could be used to temporarily execute script code in the context of the users browser session. Common user interaction is required for the vulnerability to trigger. Attackers could perform malicious API requests or extract information from the users account. Please deploy the provided updates and patch releases. We now use safer methods of handling external content when embedding attachment information to the web interface. No publicly available exploits are known.
Published: 2024-05-06T06:36:40.100Z
Updated: 2025-02-13T17:33:48.139Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-23099 |
vulnerable | 2026-06-03 14:46:26.408492 |
Details available
OX App Suite through 7.10.6 allows XSS by forcing block-wise read.
Published: 2022-07-27T13:25:54.000Z
Updated: 2024-08-03T03:36:19.073Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.