Open Xchange Appsuite
Approved changes feed: RSS · Atom
cpe:2.3:a:open-xchange:open-xchange_appsuite:*:rev-26:*:*:*:*:*:*
part: a version: * update: rev-26
| Vendor | Open Xchange (85b486f1-55be-55d2-8b83-a25950d10c23) |
|---|---|
| Product | Open Xchange Appsuite (5c4f7579-8692-5eac-881b-9aff46aef717) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:open-xchange.com/appsuite |
purl2cpe | 2026-06-01 10:16:44.109904 |
pkg:rpm/opensuse/open-xchange-appsuite |
purl2cpe | 2026-06-01 10:16:44.109906 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2016-3174 |
vulnerable | 2026-06-03 14:35:45.588248 |
Details available
An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. The "defer" servlet offers to redirect a client to a specified URL. Since some checks were missing, arbitrary URLs could be provided as redirection target. Users can be tricked to follow a link to a trustworthy domain but end up at an unexpected service later on. This vulnerability can be used to prepare and enhance phishing attacks.
Published: 2016-12-15T06:31:00.000Z
Updated: 2024-08-05T23:47:58.066Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.